HELP I keep on getting these pop-ups


  • This topic is locked
2 replies to this topic

#1 SPAT


Posted 28 July 2015 - 01:31 PM

It says a Threat has been detected.
 
KSRsearch............
Url: Mal
 
Process: c:/Windows/Explorer.EXE
I have run Avast, Malware, CCleaner, and superspyware; nothing was found.
Mod Edit: Merged topics - Hamluis.
I keep on getting pop-ups
It says a Threat has been detected.
 
Object: http://ksrsearch.com/clk2?d=9AdPtyFVvw6EgU/rC0yPrHyvI.n2dXZyIVVbje9WvVOg.q0isxvtrOZOWv53
Infection: Url: Mal
Process: c:/Windows/Explorer.EXE
 
I have run Avast, Malware, CCleaner, and superspyware; nothing was found.
 
I have also run TDSSkiller and Farbar recovery, and the following are the logs.
 
Following is the report for TDSSkiller:
 
19:51:27.0623 0x1474  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:51:31.0732 0x1474  ============================================================
19:51:31.0732 0x1474  Current date / time: 2015/07/28 19:51:31.0732
19:51:31.0732 0x1474  SystemInfo:
19:51:31.0732 0x1474  
19:51:31.0732 0x1474  OS Version: 6.0.6002 ServicePack: 2.0
19:51:31.0732 0x1474  Product type: Workstation
19:51:31.0732 0x1474  ComputerName: HOME-PC
19:51:31.0733 0x1474  UserName: Home
19:51:31.0733 0x1474  Windows directory: C:\Windows
19:51:31.0733 0x1474  System windows directory: C:\Windows
19:51:31.0733 0x1474  Processor architecture: Intel x86
19:51:31.0733 0x1474  Number of processors: 2
19:51:31.0733 0x1474  Page size: 0x1000
19:51:31.0733 0x1474  Boot type: Normal boot
19:51:31.0733 0x1474  ============================================================
19:51:36.0577 0x1474  KLMD registered as C:\Windows\system32\drivers\73749728.sys
19:51:37.0442 0x1474  System UUID: {F7EC0731-813A-91D3-5827-35F2F92EC3D2}
19:51:38.0869 0x1474  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:51:38.0872 0x1474  ============================================================
19:51:38.0872 0x1474  \Device\Harddisk0\DR0:
19:51:38.0872 0x1474  MBR partitions:
19:51:38.0872 0x1474  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
19:51:38.0872 0x1474  ============================================================
19:51:38.0956 0x1474  C: <-> \Device\Harddisk0\DR0\Partition1
19:51:38.0957 0x1474  ============================================================
19:51:38.0957 0x1474  Initialize success
19:51:38.0957 0x1474  ============================================================
19:51:48.0745 0x0f58  ============================================================
19:51:48.0746 0x0f58  Scan started
19:51:48.0746 0x0f58  Mode: Manual; SigCheck; TDLFS; 
19:51:48.0746 0x0f58  ============================================================
19:51:48.0746 0x0f58  KSN ping started
19:51:51.0335 0x0f58  KSN ping finished: true
19:51:52.0831 0x0f58  ================ Scan system memory ========================
19:51:52.0832 0x0f58  System memory - ok
19:51:52.0834 0x0f58  ================ Scan services =============================
19:52:12.0446 0x0f58  KSecDD - ok
19:52:12.0664 0x0f58  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:52:12.0745 0x0f58  KtmRm - ok
19:52:12.0784 0x0f58  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:52:12.0849 0x0f58  LanmanServer - ok
19:52:12.0915 0x0f58  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:52:12.0951 0x0f58  LanmanWorkstation - ok
19:52:12.0999 0x0f58  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:52:13.0041 0x0f58  lltdio - ok
19:52:13.0071 0x0f58  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:52:13.0150 0x0f58  lltdsvc - ok
19:52:13.0186 0x0f58  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:52:13.0272 0x0f58  lmhosts - ok
19:52:13.0305 0x0f58  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:52:13.0331 0x0f58  LSI_FC - ok
19:52:13.0362 0x0f58  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:52:13.0386 0x0f58  LSI_SAS - ok
19:52:13.0413 0x0f58  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:52:13.0439 0x0f58  LSI_SCSI - ok
19:52:13.0466 0x0f58  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:52:13.0525 0x0f58  luafv - ok
19:52:13.0539 0x0f58  [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:52:13.0558 0x0f58  MBAMProtector - ok
19:52:13.0679 0x0f58  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\AdwCleaner\Malwarebytes Anti-Malware\mbamservice.exe
19:52:13.0754 0x0f58  MBAMService - ok
19:52:13.0807 0x0f58  [ EAFEB8DF3B5B2AD7848B4C367FDD6E05, 7444D9DB01D28100831CDE3208829784225A92C4CDF9ED594EA3DD8F5FEAEA98 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:52:13.0849 0x0f58  MBAMWebAccessControl - ok
19:52:13.0902 0x0f58  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:52:13.0980 0x0f58  Mcx2Svc - ok
19:52:14.0056 0x0f58  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
19:52:14.0079 0x0f58  megasas - ok
19:52:14.0121 0x0f58  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
19:52:14.0161 0x0f58  MegaSR - ok
19:52:14.0242 0x0f58  Microsoft SharePoint Workspace Audit Service - ok
19:52:14.0266 0x0f58  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
19:52:14.0317 0x0f58  MMCSS - ok
19:52:14.0344 0x0f58  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
19:52:14.0410 0x0f58  Modem - ok
19:52:14.0429 0x0f58  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:52:14.0472 0x0f58  monitor - ok
19:52:14.0484 0x0f58  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:52:14.0506 0x0f58  mouclass - ok
19:52:14.0524 0x0f58  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:52:14.0566 0x0f58  mouhid - ok
19:52:14.0587 0x0f58  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
19:52:14.0610 0x0f58  MountMgr - ok
19:52:14.0663 0x0f58  [ 5DA347912FD3AF24D7BFB3DE519D4BD0, 4115406BAD580D9B4BF9589711D76B61CF516959E467BFA4456CE78017F89FCB ] mpio            C:\Windows\system32\drivers\mpio.sys
19:52:14.0691 0x0f58  mpio - ok
19:52:14.0722 0x0f58  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:52:14.0758 0x0f58  mpsdrv - ok
19:52:14.0801 0x0f58  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:52:14.0871 0x0f58  MpsSvc - ok
19:52:14.0890 0x0f58  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
19:52:14.0910 0x0f58  Mraid35x - ok
19:52:14.0956 0x0f58  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:52:14.0999 0x0f58  MRxDAV - ok
19:52:15.0051 0x0f58  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:15.0102 0x0f58  mrxsmb - ok
19:52:15.0128 0x0f58  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:15.0179 0x0f58  mrxsmb10 - ok
19:52:15.0198 0x0f58  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:15.0228 0x0f58  mrxsmb20 - ok
19:52:15.0277 0x0f58  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
19:52:15.0299 0x0f58  msahci - ok
19:52:15.0330 0x0f58  [ 2C563AEF15B8D0014C36C5F27742AC7B, 378BA92A1C7E3B0DEBD7B4C28EDF9E5461313D66985B40EFB075DD6169936494 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:52:15.0357 0x0f58  msdsm - ok
19:52:15.0378 0x0f58  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
19:52:15.0442 0x0f58  MSDTC - ok
19:52:15.0460 0x0f58  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:52:15.0516 0x0f58  Msfs - ok
19:52:15.0541 0x0f58  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:52:15.0562 0x0f58  msisadrv - ok
19:52:15.0607 0x0f58  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:52:15.0665 0x0f58  MSiSCSI - ok
19:52:15.0672 0x0f58  msiserver - ok
19:52:15.0699 0x0f58  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:52:15.0751 0x0f58  MSKSSRV - ok
19:52:15.0773 0x0f58  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:15.0814 0x0f58  MSPCLOCK - ok
19:52:15.0836 0x0f58  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:52:15.0891 0x0f58  MSPQM - ok
19:52:15.0937 0x0f58  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:52:15.0967 0x0f58  MsRPC - ok
19:52:15.0993 0x0f58  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:52:16.0015 0x0f58  mssmbios - ok
19:52:16.0032 0x0f58  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:52:16.0087 0x0f58  MSTEE - ok
19:52:16.0108 0x0f58  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:52:16.0132 0x0f58  Mup - ok
19:52:16.0212 0x0f58  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
19:52:16.0265 0x0f58  napagent - ok
19:52:16.0287 0x0f58  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:52:16.0345 0x0f58  NativeWifiP - ok
19:52:16.0397 0x0f58  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:52:16.0448 0x0f58  NDIS - ok
19:52:16.0486 0x0f58  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:52:16.0534 0x0f58  NdisTapi - ok
19:52:16.0584 0x0f58  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:52:16.0625 0x0f58  Ndisuio - ok
19:52:16.0649 0x0f58  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:52:16.0707 0x0f58  NdisWan - ok
19:52:16.0731 0x0f58  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:52:16.0768 0x0f58  NDProxy - ok
19:52:16.0934 0x0f58  [ B90E093E7A7250906F1054418B5339C0, F9A0BAC5B4B29F14B5CACA1047F8928A495EFD56E485492BF71C856B296476D6 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
19:52:16.0999 0x0f58  Nero BackItUp Scheduler 4.0 - ok
19:52:17.0055 0x0f58  [ 9213AA35BCA94EB79D366DA254E4BDF5, 5E1C71BEB6CFFF5A6F149E9FE6E169D087A6CBE63A504FEE8D42170284952F85 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
19:52:17.0096 0x0f58  Netaapl - ok
19:52:17.0117 0x0f58  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:52:17.0170 0x0f58  NetBIOS - ok
19:52:17.0220 0x0f58  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
19:52:17.0262 0x0f58  netbt - ok
19:52:17.0280 0x0f58  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
19:52:17.0307 0x0f58  Netlogon - ok
19:52:17.0349 0x0f58  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
19:52:17.0415 0x0f58  Netman - ok
19:52:17.0453 0x0f58  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:52:17.0483 0x0f58  NetMsmqActivator - ok
19:52:17.0495 0x0f58  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:52:17.0522 0x0f58  NetPipeActivator - ok
19:52:17.0552 0x0f58  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
19:52:17.0616 0x0f58  netprofm - ok
19:52:17.0628 0x0f58  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:52:17.0656 0x0f58  NetTcpActivator - ok
19:52:17.0668 0x0f58  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:52:17.0695 0x0f58  NetTcpPortSharing - ok
19:52:17.0834 0x0f58  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
19:52:18.0030 0x0f58  NETw3v32 - ok
19:52:18.0241 0x0f58  [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
19:52:18.0571 0x0f58  NETw5v32 - ok
19:52:18.0633 0x0f58  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:52:18.0655 0x0f58  nfrd960 - ok
19:52:18.0707 0x0f58  [ 11D101C6EDE012E018F37275CD3DAA3C, DD97E2032BB7B70B5C60B26B0DC57A28A7CC9B817E664963D3213E756B03A1DF ] ngvss           C:\Windows\system32\drivers\ngvss.sys
19:52:18.0732 0x0f58  ngvss - ok
19:52:18.0791 0x0f58  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:52:18.0844 0x0f58  NlaSvc - ok
19:52:18.0883 0x0f58  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:52:18.0918 0x0f58  Npfs - ok
19:52:18.0956 0x0f58  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
19:52:19.0015 0x0f58  nsi - ok
19:52:19.0028 0x0f58  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:52:19.0084 0x0f58  nsiproxy - ok
19:52:19.0177 0x0f58  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:52:19.0256 0x0f58  Ntfs - ok
19:52:19.0297 0x0f58  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
19:52:19.0371 0x0f58  ntrigdigi - ok
19:52:19.0384 0x0f58  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
19:52:19.0436 0x0f58  Null - ok
19:52:19.0471 0x0f58  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:52:19.0498 0x0f58  nvraid - ok
19:52:19.0523 0x0f58  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:52:19.0546 0x0f58  nvstor - ok
19:52:19.0574 0x0f58  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:52:19.0600 0x0f58  nv_agp - ok
19:52:19.0609 0x0f58  NwlnkFlt - ok
19:52:19.0618 0x0f58  NwlnkFwd - ok
19:52:19.0666 0x0f58  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
19:52:19.0718 0x0f58  ohci1394 - ok
19:52:19.0786 0x0f58  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:19.0811 0x0f58  ose - ok
19:52:20.0110 0x0f58  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:52:20.0391 0x0f58  osppsvc - ok
19:52:20.0485 0x0f58  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:52:20.0571 0x0f58  p2pimsvc - ok
19:52:20.0603 0x0f58  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:52:20.0661 0x0f58  p2psvc - ok
19:52:20.0698 0x0f58  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
19:52:20.0773 0x0f58  Parport - ok
19:52:20.0815 0x0f58  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:52:20.0839 0x0f58  partmgr - ok
19:52:20.0862 0x0f58  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:52:20.0929 0x0f58  Parvdm - ok
19:52:20.0946 0x0f58  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:52:21.0003 0x0f58  PcaSvc - ok
19:52:21.0027 0x0f58  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
19:52:21.0056 0x0f58  pci - ok
19:52:21.0074 0x0f58  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
19:52:21.0097 0x0f58  pciide - ok
19:52:21.0112 0x0f58  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:52:21.0144 0x0f58  pcmcia - ok
19:52:21.0199 0x0f58  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:52:21.0354 0x0f58  PEAUTH - ok
19:52:21.0468 0x0f58  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
19:52:21.0627 0x0f58  pla - ok
19:52:21.0686 0x0f58  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:52:21.0734 0x0f58  PlugPlay - ok
19:52:21.0804 0x0f58  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
19:52:21.0862 0x0f58  PNRPAutoReg - ok
19:52:21.0897 0x0f58  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
19:52:21.0956 0x0f58  PNRPsvc - ok
19:52:22.0005 0x0f58  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:52:22.0069 0x0f58  PolicyAgent - ok
19:52:22.0120 0x0f58  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:52:22.0177 0x0f58  PptpMiniport - ok
19:52:22.0195 0x0f58  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
19:52:22.0240 0x0f58  Processor - ok
19:52:22.0280 0x0f58  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:52:22.0330 0x0f58  ProfSvc - ok
19:52:22.0349 0x0f58  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
19:52:22.0376 0x0f58  ProtectedStorage - ok
19:52:22.0396 0x0f58  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
19:52:22.0441 0x0f58  PSched - ok
19:52:22.0520 0x0f58  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:52:22.0601 0x0f58  ql2300 - ok
19:52:22.0647 0x0f58  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:52:22.0672 0x0f58  ql40xx - ok
19:52:22.0720 0x0f58  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
19:52:22.0762 0x0f58  QWAVE - ok
19:52:22.0782 0x0f58  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:52:22.0808 0x0f58  QWAVEdrv - ok
19:52:22.0819 0x0f58  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:52:22.0870 0x0f58  RasAcd - ok
19:52:22.0897 0x0f58  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
19:52:22.0963 0x0f58  RasAuto - ok
19:52:22.0989 0x0f58  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:23.0037 0x0f58  Rasl2tp - ok
19:52:23.0134 0x0f58  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
19:52:23.0209 0x0f58  RasMan - ok
19:52:23.0235 0x0f58  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:23.0286 0x0f58  RasPppoe - ok
19:52:23.0309 0x0f58  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:52:23.0342 0x0f58  RasSstp - ok
19:52:23.0371 0x0f58  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:52:23.0416 0x0f58  rdbss - ok
19:52:23.0436 0x0f58  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:23.0493 0x0f58  RDPCDD - ok
19:52:23.0537 0x0f58  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
19:52:23.0582 0x0f58  rdpdr - ok
19:52:23.0590 0x0f58  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:52:23.0638 0x0f58  RDPENCDD - ok
19:52:23.0696 0x0f58  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:52:23.0749 0x0f58  RDPWD - ok
19:52:23.0810 0x0f58  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:52:23.0865 0x0f58  RemoteAccess - ok
19:52:23.0917 0x0f58  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:52:23.0960 0x0f58  RemoteRegistry - ok
19:52:23.0991 0x0f58  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
19:52:24.0050 0x0f58  RpcLocator - ok
19:52:24.0088 0x0f58  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
19:52:24.0152 0x0f58  RpcSs - ok
19:52:24.0195 0x0f58  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:52:24.0293 0x0f58  rspndr - ok
19:52:24.0322 0x0f58  [ 283392AF1860ECDB5E0F8EBD7F3D72DF, B947025A41D7A16C48330ECE469860023D2109537A3DDC631C8EF9672687FF93 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
19:52:24.0401 0x0f58  RTL8169 - ok
19:52:24.0423 0x0f58  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
19:52:24.0450 0x0f58  SamSs - ok
19:52:24.0528 0x0f58  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:52:24.0545 0x0f58  SASDIFSV - ok
19:52:24.0573 0x0f58  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:52:24.0596 0x0f58  sbp2port - ok
19:52:24.0632 0x0f58  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:52:24.0674 0x0f58  SCardSvr - ok
19:52:24.0745 0x0f58  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
19:52:24.0829 0x0f58  Schedule - ok
19:52:24.0850 0x0f58  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:52:24.0885 0x0f58  SCPolicySvc - ok
19:52:24.0928 0x0f58  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
19:52:24.0967 0x0f58  sdbus - ok
19:52:24.0989 0x0f58  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:52:25.0026 0x0f58  SDRSVC - ok
19:52:25.0037 0x0f58  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:52:25.0119 0x0f58  secdrv - ok
19:52:59.0693 0x0f58  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
19:52:59.0810 0x0f58  Win FW state via NFP2: enabled ( trusted )
19:53:02.0246 0x0f58  ============================================================
19:53:02.0246 0x0f58  Scan finished
19:53:02.0246 0x0f58  ============================================================
19:53:02.0262 0x11bc  Detected object count: 0
19:53:02.0262 0x11bc  Actual detected object count: 0
 
 
I have also run Farbar Recovery.

First:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-07-2015
Ran by Home (administrator) on HOME-PC (28-07-2015 19:18:19)
Running from C:\Users\Home\Downloads
Loaded Profiles: Home (Available Profiles: Home)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(QFX Software Corporation) C:\Users\Home\Desktop\KeyScrambler\KeyScrambler.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mstart.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mcomm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mlauncher.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Users\Home\Downloads\tdsskiller.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-28] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Run: [KeyScrambler] => C:\Users\Home\Desktop\KeyScrambler\keyscrambler.exe [509216 2015-06-10] (QFX Software Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist Corporate\1121\G2AWinLogon.dll [2015-06-06] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6715160 2015-07-25] (SUPERAntiSpyware)
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [FlickrUploadr] => "C:\Users\Home\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [UTWmedia] => regsvr32.exe C:\Users\Home\AppData\Local\UTWmedia\lepkor.dll <===== ATTENTION
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [Emktion] => C:\Windows\System32\regsvr32.exe C:\Users\Home\AppData\Local\Obics\lepkor.dll
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [GoToMeeting] => C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mstart.exe [42504 2015-07-12] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\Home\AppData\Local\Obics\lepkor.dll ATTENTION! ====> ZeroAccess?
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-28] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000 -> DefaultScope {718ECDF3-939E-439F-8E9D-30A787A0809C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000 -> {718ECDF3-939E-439F-8E9D-30A787A0809C} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-28] (AVAST Software)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{288AF0CE-07DF-4A55-AF9A-A7E91688F2AE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4C599D19-E0E1-4990-8027-F63F2AF7A575}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C7F2F074-EFB1-4DE2-AAB7-B80CC2846F8A}: [DhcpNameServer] 172.20.10.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2159580509-3706010778-2699225716-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Home\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-21] (Citrix Online)
FF Plugin HKU\S-1-5-21-2159580509-3706010778-2699225716-1000: @radvision.com/ConfClient -> C:\Users\Home\AppData\Local\Radvision\Installer\1.5.0.5\npclientinstmgr.dll [2015-02-15] (Avaya, Inc.)
FF Plugin HKU\S-1-5-21-2159580509-3706010778-2699225716-1000: SkypePlugin -> C:\Users\Home\AppData\Local\SkypePlugin\7.1.0.63\npSkypePlugin.dll [2014-11-27] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2159580509-3706010778-2699225716-1000: SkypePlugin64 -> C:\Users\Home\AppData\Local\SkypePlugin\7.1.0.63\npSkypePlugin-x64.dll [2014-11-27] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Users\Home\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-02-19] (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-07]
 
Chrome: 
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-06]
CHR Extension: (Skype Calling) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-05-11]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-06]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-06]
CHR Extension: (Google Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (GoToMeeting for Google Calendar) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaonpiemcjiihedemhopdoefaohcjoch [2015-06-28]
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-06]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-02-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-07-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-06]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-14]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-28] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-28] (Avast Software)
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist Corporate\1121\G2AC_Service.exe [310080 2015-06-06] (Citrix Online, a division of Citrix Systems, Inc.)
S2 MBAMService; C:\AdwCleaner\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-07-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-28] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-07-28] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-07-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-28] (AVAST Software)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [211408 2015-06-03] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-28] (AVAST Software)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-28] (Avast Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-28 19:18 - 2015-07-28 19:19 - 00016013 _____ C:\Users\Home\Downloads\FRST.txt
2015-07-28 19:18 - 2015-07-28 19:18 - 00000000 ____D C:\FRST
2015-07-28 19:16 - 2015-07-28 19:16 - 01650688 _____ (Farbar) C:\Users\Home\Downloads\FRST.exe
2015-07-28 19:06 - 2015-07-28 19:07 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Home\Downloads\tdsskiller.exe
2015-07-28 18:55 - 2015-07-28 18:55 - 00000000 ____D C:\Users\Home\AppData\Roaming\QFX Software
2015-07-28 18:55 - 2015-07-28 18:55 - 00000000 ____D C:\ProgramData\QFX Software
2015-07-28 18:53 - 2015-07-28 18:53 - 00001102 _____ C:\Windows\PFRO.log
2015-07-28 18:51 - 2015-07-28 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
2015-07-28 18:51 - 2015-06-03 15:59 - 00211408 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys
2015-07-28 18:50 - 2015-07-28 18:50 - 00000000 ____D C:\Users\Home\Desktop\KeyScrambler
2015-07-28 18:49 - 2015-07-28 18:49 - 01555032 _____ C:\Users\Home\Downloads\KeyScrambler_Setup.exe
2015-07-28 12:54 - 2015-07-28 12:54 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-28 12:54 - 2015-07-28 12:54 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-07-28 12:54 - 2015-07-28 12:54 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-28 12:54 - 2015-07-28 12:54 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-23 20:54 - 2015-07-25 22:10 - 00000000 ____D C:\Users\Home\AppData\Local\Obics
2015-07-23 20:54 - 2015-07-23 20:54 - 00000000 ____D C:\Users\Home\AppData\Local\UTWmedia
2015-07-23 20:52 - 2015-07-23 21:30 - 00000022 _____ C:\Users\Home\Downloads\Court_Notification_00697205.zip
2015-07-22 08:00 - 2015-07-14 17:02 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 08:00 - 2015-07-14 15:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 16:37 - 2015-07-21 16:37 - 00338751 _____ C:\Users\Home\Downloads\mod_playerjr_3.12.1_UNZIP_FIRST (1).zip
2015-07-21 16:36 - 2015-07-21 16:36 - 00338751 _____ C:\Users\Home\Downloads\mod_playerjr_3.12.1_UNZIP_FIRST.zip
2015-07-21 11:26 - 2015-07-21 11:26 - 00027901 _____ C:\Users\Home\Downloads\joomla3_cincopa (1).zip
2015-07-21 11:16 - 2015-07-21 11:16 - 00027901 _____ C:\Users\Home\Downloads\joomla3_cincopa.zip
2015-07-21 08:51 - 2015-07-21 08:51 - 00002407 _____ C:\Users\Home\Downloads\wizardgo_player_joomla.zip
2015-07-20 18:57 - 2015-07-20 18:58 - 00876150 _____ C:\Users\Home\Downloads\smith.bmp
2015-07-19 09:35 - 2015-07-19 09:35 - 00057214 _____ C:\Users\Home\Downloads\mod_marqueeaholic_J3.x_v1.4.3.zip
2015-07-19 09:35 - 2015-07-19 09:35 - 00057214 _____ C:\Users\Home\Downloads\mod_marqueeaholic_J3.x_v1.4.3 (1).zip
2015-07-18 16:40 - 2015-07-18 16:40 - 00005576 _____ C:\Users\Home\Downloads\mod_rss_marquee_for_joomla_3.4.zip
2015-07-18 13:20 - 2015-07-18 13:21 - 00305360 _____ (Citrix Online) C:\Users\Home\Downloads\GoToMeeting Launcher (1).exe
2015-07-18 07:18 - 2015-07-18 07:19 - 01123736 _____ C:\Users\Home\Downloads\33-34Savitri.txt
2015-07-18 07:14 - 2015-07-18 07:14 - 00001975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.0.lnk
2015-07-18 07:14 - 2015-07-18 07:14 - 00001963 _____ C:\Users\Public\Desktop\Adobe Digital Editions 4.0.lnk
2015-07-18 07:14 - 2015-07-18 07:14 - 00000000 ____D C:\Users\Home\AppData\Local\Adobe_Systems_Incorporate
2015-07-18 07:14 - 2015-07-18 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-07-18 07:13 - 2015-07-18 07:14 - 00000000 ____D C:\Users\Home\Documents\My Digital Editions
2015-07-18 07:12 - 2015-07-18 07:13 - 08466632 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\ADE_4.0_Installer.exe
2015-07-16 15:14 - 2015-07-16 19:06 - 00000000 ____D C:\Users\Home\Desktop\Twinkl
2015-07-16 09:42 - 2015-06-25 03:57 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 09:41 - 2015-07-03 17:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 09:41 - 2015-06-17 17:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 09:41 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 09:40 - 2015-06-12 17:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 09:32 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 09:31 - 2015-06-27 17:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 09:31 - 2015-06-27 17:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 09:31 - 2015-06-27 17:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 09:31 - 2015-06-27 17:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-16 09:31 - 2015-06-27 15:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 09:31 - 2015-06-27 15:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 09:31 - 2015-06-12 14:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 09:31 - 2015-01-09 01:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 08:11 - 2015-07-03 06:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 08:11 - 2015-07-03 06:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-16 08:11 - 2015-06-17 02:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 08:11 - 2015-06-17 02:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 08:11 - 2015-06-17 02:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-16 08:11 - 2015-06-17 02:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 08:11 - 2015-06-17 02:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 08:11 - 2015-06-17 02:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 08:11 - 2015-06-17 02:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 08:11 - 2015-06-17 02:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-16 08:11 - 2015-06-17 02:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-16 08:11 - 2015-06-17 02:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-16 08:11 - 2015-06-17 02:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-11 09:01 - 2015-07-11 09:49 - 13415916 _____ C:\Users\Home\Documents\2015-07-11 09.01 SAVITRI Reading.g2m
2015-07-10 21:03 - 2015-07-10 21:47 - 90277230 _____ C:\Users\Home\Documents\2015-07-10 21.03 SAVITRI Reading.g2m
2015-07-09 22:44 - 2015-07-09 22:44 - 00018295 _____ C:\Users\Home\Downloads\mod_textscroller.zip
2015-07-09 22:04 - 2015-07-09 22:04 - 56297805 _____ C:\Users\Home\Documents\2015-07-09 21.00 SAVITRI Reading.wmv
2015-07-09 09:58 - 2015-07-09 09:58 - 40743021 _____ C:\Users\Home\Documents\2015-07-09 09.17 SAVITRI Reading.wmv
2015-07-08 21:26 - 2015-07-08 21:26 - 24931289 _____ C:\Users\Home\Documents\2015-07-08 21.00 SAVITRI Reading.wmv
2015-07-08 13:21 - 2015-07-08 13:21 - 00578327 _____ C:\Users\Home\Downloads\SAFS Brent 2015 Final.xlsm
2015-07-08 13:21 - 2015-07-08 13:21 - 00121629 _____ C:\Users\Home\Downloads\Brent 2015 Application.odt
2015-07-08 10:17 - 2015-07-08 10:16 - 52019077 _____ C:\Users\Home\Documents\2015-07-08 09.05 SAVITRI Reading.wmv
2015-07-07 22:31 - 2015-07-07 22:31 - 82554631 _____ C:\Users\Home\Documents\2015-07-07 21.00 SAVITRI Reading.wmv
2015-07-07 12:37 - 2015-07-07 12:37 - 00001880 _____ C:\Users\Home\Downloads\Outstanding Citrix Invoice(s) - 6003319776.txt
2015-07-07 10:25 - 2015-07-07 10:25 - 61805225 _____ C:\Users\Home\Documents\2015-07-07 08.59 SAVITRI Reading.wmv
2015-07-06 21:37 - 2015-07-06 21:37 - 33398181 _____ C:\Users\Home\Documents\2015-07-06 21.02 SAVITRI Reading.wmv
2015-07-06 15:16 - 2015-07-06 15:39 - 00000022 _____ C:\Users\Home\Downloads\lowercasealphabet.zip
2015-07-06 09:54 - 2015-07-06 09:54 - 41706273 _____ C:\Users\Home\Documents\2015-07-06 09.01 SAVITRI Reading.wmv
2015-07-05 13:37 - 2015-07-05 13:37 - 00090054 _____ C:\Users\Home\Desktop\New Picture.bmp
2015-07-04 21:56 - 2015-07-04 21:57 - 00298192 _____ (Citrix Online) C:\Users\Home\Downloads\GoToMeeting Launcher.exe
2015-07-04 19:01 - 2015-07-04 19:03 - 00000000 ____D C:\Users\Home\04.07.2015 2015-03-28 - 2015-07-04
2015-07-04 12:44 - 2015-07-04 12:44 - 00000000 ____D C:\ProgramData\WindowsSearch
2015-07-02 11:03 - 2015-07-02 11:03 - 00000926 _____ C:\Users\Home\Downloads\A New Apprentice For the New Term at Sohag Patel.txt
2015-07-01 22:32 - 2015-07-01 22:32 - 00160256 _____ C:\Users\Home\Downloads\cashflow_annual_sample.xls
2015-07-01 22:32 - 2015-07-01 22:32 - 00160256 _____ C:\Users\Home\Downloads\cashflow_annual_sample (1).xls
2015-07-01 11:28 - 2015-07-01 11:28 - 00159744 _____ (Apple Inc.) C:\Users\Plugins\npqtplugin5.dll
2015-07-01 11:28 - 2015-07-01 11:28 - 00159744 _____ (Apple Inc.) C:\Users\Plugins\npqtplugin4.dll
2015-07-01 11:28 - 2015-07-01 11:28 - 00159744 _____ (Apple Inc.) C:\Users\Plugins\npqtplugin3.dll
2015-07-01 11:28 - 2015-07-01 11:28 - 00159744 _____ (Apple Inc.) C:\Users\Plugins\npqtplugin2.dll
2015-07-01 11:28 - 2015-07-01 11:28 - 00159744 _____ (Apple Inc.) C:\Users\Plugins\npqtplugin.dll
2015-07-01 11:28 - 2015-07-01 11:28 - 00004208 _____ C:\Users\Plugins\QuickTimePlugin.class
2015-07-01 11:28 - 2015-07-01 11:28 - 00002394 _____ C:\Users\Plugins\nsIQTScriptablePlugin.xpt
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\zh_TW.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\zh_CN.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\sv.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\ru.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\pt_PT.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\pt.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\pl.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\nl.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\nb.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\ko.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\ja.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\it.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\fr.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\fi.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\es.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\en.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\de.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources\da.lproj
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTimePlayer.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QuickTime.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeWebHelper.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeVRAuthoring.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeVR.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeThirdParty.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeStreamingExtras.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeStreamingAuthoring.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeStreaming.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeMusic.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeMPEG4Authoring.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeMPEG4.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeMPEG.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeInternetExtras.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeImage.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeH264.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeEssentials.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeEffects.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeCapture.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeAuthoring.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTimeAudioSupport.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTime3GPPAuthoring.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTime3GPP.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\QuickTime.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem\CoreVideo.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\QTSystem
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\PropertyPanels\PropPanelHelpers.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\PropertyPanels\PanelHelperBase.Resources
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\PropertyPanels
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\Users\Plugins
2015-07-01 11:28 - 2015-07-01 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-06-28 16:55 - 2015-07-24 09:01 - 00002164 _____ C:\Users\Home\Desktop\GoToTraining.lnk
2015-06-28 16:55 - 2015-07-24 09:01 - 00001232 _____ C:\Users\Home\Desktop\GoToMeeting.lnk
2015-06-28 16:55 - 2015-06-28 16:55 - 00000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2015-06-28 16:54 - 2015-07-28 18:30 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2159580509-3706010778-2699225716-1000.job
2015-06-28 16:54 - 2015-07-28 17:46 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2159580509-3706010778-2699225716-1000.job
2015-06-28 11:40 - 2015-07-15 23:03 - 44302336 _____ C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2015-06-28 11:40 - 2015-07-15 23:03 - 27525120 _____ C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003
2015-06-28 11:40 - 2015-07-15 23:02 - 01572864 _____ C:\Users\Home\.ghost-ntfs-3g-00000000000000000009
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-28 18:59 - 2009-04-11 13:37 - 01660545 _____ C:\Windows\WindowsUpdate.log
2015-07-28 18:56 - 2015-02-15 11:16 - 00000000 ____D C:\Users\Home\AppData\Roaming\Skype
2015-07-28 18:54 - 2015-03-26 19:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 18:53 - 2015-02-06 14:02 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 18:53 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 18:53 - 2006-11-02 13:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 18:53 - 2006-11-02 13:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 18:52 - 2006-11-02 14:01 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-28 18:30 - 2015-02-06 14:02 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 17:55 - 2015-06-07 21:57 - 00000000 ____D C:\Users\Home\Documents\original
2015-07-28 17:37 - 2015-02-06 13:02 - 00000000 ____D C:\Users\Home
2015-07-28 16:45 - 2015-04-28 19:33 - 00000000 ____D C:\Users\Home\AppData\Local\CrashDumps
2015-07-28 15:56 - 2015-03-14 16:12 - 00000000 ____D C:\Windows\system32\vbox
2015-07-28 14:22 - 2015-02-06 14:01 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-28 13:27 - 2015-05-15 09:39 - 00000000 ____D C:\Users\Home\Desktop\Adventure
2015-07-28 12:54 - 2015-02-06 14:02 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-28 12:54 - 2015-02-06 14:02 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-26 09:38 - 2015-02-06 14:04 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-26 08:47 - 2015-02-06 13:02 - 00001356 _____ C:\Users\Home\AppData\Local\d3d9caps.dat
2015-07-25 22:10 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PLA
2015-07-25 21:09 - 2015-02-06 14:01 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-23 21:28 - 2015-05-24 22:26 - 00000000 ____D C:\Windows\Minidump
2015-07-22 13:18 - 2015-03-21 10:46 - 00000000 ____D C:\Users\Home\Desktop\SAFS 2015
2015-07-22 08:17 - 2006-11-02 13:47 - 00397080 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 10:51 - 2015-05-24 18:29 - 00000000 ____D C:\ProgramData\f54f7720000013e9
2015-07-18 07:13 - 2015-03-24 11:48 - 00000000 ____D C:\Program Files\Adobe
2015-07-17 13:23 - 2015-02-06 13:07 - 00000000 ____D C:\Users\Home\Desktop\patel
2015-07-16 11:56 - 2006-11-02 11:33 - 00758370 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-16 09:40 - 2015-02-07 10:01 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 13:54 - 2015-03-26 19:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 13:54 - 2015-03-26 19:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-15 09:16 - 2015-03-24 11:48 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-15 09:15 - 2015-03-24 11:48 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-07 20:28 - 2015-06-20 16:47 - 00000000 ____D C:\Users\Home\Desktop\SAATM
2015-07-07 16:53 - 2015-05-21 15:01 - 00000000 ____D C:\Users\Home\AppData\Local\Citrix
2015-07-03 11:41 - 2015-03-23 01:17 - 00000000 ___RD C:\Program Files\Skype
2015-07-03 11:41 - 2015-02-15 11:16 - 00000000 ____D C:\ProgramData\Skype
2015-07-03 08:49 - 2006-11-02 11:24 - 127070192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-07-02 08:24 - 2015-05-09 23:18 - 00000000 ____D C:\Users\Home\AppData\Local\FlickrUploadrWindows
2015-07-01 23:30 - 2015-04-20 10:48 - 00000000 ____D C:\AdwCleaner
2015-07-01 23:30 - 2015-02-06 14:01 - 00000794 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-01 23:30 - 2015-02-06 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
 
==================== Files in the root of some directories =======
 
2015-05-28 17:45 - 2015-05-28 17:45 - 0000036 _____ () C:\Users\Home\AppData\Roaming\Opusbext.dat
2015-02-17 17:40 - 2015-02-17 17:40 - 0024206 _____ () C:\Users\Home\AppData\Roaming\UserTile.png
2015-02-06 13:02 - 2015-07-26 08:47 - 0001356 _____ () C:\Users\Home\AppData\Local\d3d9caps.dat
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-28 19:02
 
==================== End of log ============================
 
Addition
 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-07-2015
Ran by Home at 2015-07-28 19:20:02
Running from C:\Users\Home\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2159580509-3706010778-2699225716-500 - Administrator - Disabled)
Guest (S-1-5-21-2159580509-3706010778-2699225716-501 - Limited - Disabled)
Home (S-1-5-21-2159580509-3706010778-2699225716-1000 - Administrator - Enabled) => C:\Users\Home
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 4.0 (HKLM\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
DolbyFiles (Version: 0.1 - Nero AG) Hidden
File Identifier (HKLM\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.8 - Sharpened Productions)
FileZilla Client 3.10.3 (HKLM\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Flickr Uploadr for Windows (HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\FlickrUploadrWindows) (Version: 0.9.90.246 - Flickr)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 11.3.0.1121 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 7.2.3.3019 (HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\GoToMeeting) (Version: 7.2.3.3019 - CitrixOnline)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
InCD Help (Version: 6.4.0.0 - Nero AG) Hidden
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.7.0.0 - QFX Software Corporation)
K-Lite Codec Pack 10.9.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{9d8f8637-2435-4b5e-984e-fa1200d4d953}) (Version:  - Nero AG)
OpenOffice 4.1.1 (HKLM\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Scopia Meeting Outlook Add-In (HKLM\...\{1432AAF0-8F50-4C6E-8BDE-4175AE45AB5D}) (Version: 1.0.117 - Avaya)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Web Plugin (HKLM\...\{8FDC1BC1-D9FF-4EE1-B2E5-5852F9D820AF}) (Version: 7.1.0.63 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.11.0 - Synaptics Incorporated)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}) (Version: 1.23.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.23.0000 - Texas Instruments Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{12BB8FBC-3502-4523-A3C6-EAC64F886E38}\InprocServer32 -> C:\Users\Home\AppData\Local\Radvision\Installer\1.5.0.5\clientinstmgr.dll (Avaya, Inc.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{20BEBD18-11D0-4470-AAE1-F34B9E8D9761}\InprocServer32 -> C:\Users\Home\AppData\Local\SkypePlugin\7.1.0.63\GatewayActiveX.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\WebEx\1324\atucfobj.dll (Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{44B70501-8D0D-11D1-A4CC-00805FD9D93C}\InprocServer32 ->  No File
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{6C085518-1934-4BB2-B6BB-862608E5BA0E}\InprocServer32 -> C:\Users\Home\AppData\Local\Radvision\Installer\1.5.0.5\clientinstmgr.dll (Avaya, Inc.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{6CC09415-4DF6-46CE-B549-DAC11D9CDBAB}\InprocServer32 -> C:\Users\Home\AppData\Local\Radvision\Installer\1.5.0.5\npclientinstmgr.dll (Avaya, Inc.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{7689E767-A379-4CDF-8AE1-E55541D9F4A3}\InprocServer32 -> C:\Users\Home\AppData\Local\Radvision\Installer\1.5.0.5\clientinstmgr.dll (Avaya, Inc.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{7B56DD1E-FF92-4C55-AD32-D09BAC008C91}\InprocServer32 -> C:\Users\Home\AppData\Local\Radvision\Installer\1.5.0.5\clientinstmgr.dll (Avaya, Inc.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{B5322578-1624-4C26-BB8C-E366FFB9314F}\localserver32 -> C:\Users\Home\AppData\Local\SkypePlugin\7.1.0.63\GatewayVersion.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{E7796E3C-2940-4BD3-875E-0E42EE0215E0}\localserver32 -> C:\Users\Home\AppData\Local\SkypePlugin\7.1.0.63\PluginHost.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2159580509-3706010778-2699225716-1000_Classes\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InprocServer32 -> C:\Users\Home\AppData\Local\Obics\lepkor.dll ()
 
==================== Restore Points =========================
 
28-07-2015 10:45:02 Windows Update
28-07-2015 12:51:09 avast! antivirus system restore point
28-07-2015 13:21:46 Avast Cleanup
28-07-2015 16:44:12 Avast Cleanup
28-07-2015 16:51:58 Avast Cleanup
28-07-2015 17:21:17 Avast Cleanup
28-07-2015 17:27:55 Avast Cleanup
28-07-2015 17:47:13 Avast Cleanup
28-07-2015 17:51:27 Avast Cleanup
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04024C57-39AA-413D-8ECE-693F3AFC837D} - \WebBarUpdateTask No Task File <==== ATTENTION
Task: {05ED1A6B-41BC-4EF0-8713-3B44CED16A89} - \Price Fountain No Task File <==== ATTENTION
Task: {12A39444-EF59-4B45-88C0-BD73711EAE15} - System32\Tasks\{67041B40-3B13-4747-B145-5FB10AAFF70A} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {2235A257-A068-40FB-9D91-E669062E538D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-28] (AVAST Software)
Task: {227B3EE0-EF09-4765-AD0A-D13B885A95EC} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-01-13] ()
Task: {253EACD2-5C3C-404A-B60B-D84601A3149C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Home => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {2FD87F46-8B77-48C4-BF2D-10DCAFD4A01B} - System32\Tasks\G2MUploadTask-S-1-5-21-2159580509-3706010778-2699225716-1000 => C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mupload.exe [2015-07-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {37249AEE-E1CF-4B0A-81A1-842E7508C465} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B7B1C17-49CE-4A67-B643-5F60B7B61B71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {4BE9F546-864F-4B37-BCA0-DC1D964F13F4} - \Periodic Synchronize Task No Task File <==== ATTENTION
Task: {4E7846D8-B252-45BD-BEAE-68E8C353EE7D} - \WebBarLaunchTask No Task File <==== ATTENTION
Task: {4FC4D5A9-F5ED-4FC7-9504-54BC692F4248} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {81150E13-F911-4924-98F3-5A10AE5D0D2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {880781BC-93FC-4696-96F9-19C974372E3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-06] (Google Inc.)
Task: {BE74407C-C235-494B-9820-6F0EF52189AB} - System32\Tasks\G2MUpdateTask-S-1-5-21-2159580509-3706010778-2699225716-1000 => C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mupdate.exe [2015-07-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {F0C76EE8-FFBA-4595-BC01-E89359E4070C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-06] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2159580509-3706010778-2699225716-1000.job => C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2159580509-3706010778-2699225716-1000.job => C:\Users\Home\AppData\Local\Citrix\GoToMeeting\3019\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-14 14:54 - 2015-07-28 12:54 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-14 14:54 - 2015-07-28 12:54 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-28 12:39 - 2015-07-28 12:39 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072800\algo.dll
2015-07-23 20:54 - 2015-07-23 20:54 - 00180224 _____ () C:\Users\Home\AppData\Local\UTWmedia\lepkor.dll
2015-03-29 11:29 - 2015-03-29 11:29 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-07-23 20:54 - 2015-07-23 20:54 - 00180224 _____ () C:\Users\Home\AppData\Local\Obics\lepkor.dll
2008-06-03 04:35 - 2008-06-03 04:35 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-14 10:45 - 2015-03-14 14:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-26 09:37 - 2015-07-23 23:39 - 16308040 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{EB7D20DB-F9CF-4A9F-A710-BE1C3179F4BF}] => (Allow) LPort=80
FirewallRules: [{BACAAE58-31CC-43B1-8EDE-157431A5E032}] => (Allow) LPort=80
FirewallRules: [{371EA284-00D3-48B9-B9B1-0A19C32B3098}] => (Allow) LPort=80
FirewallRules: [{BB9E98EA-924D-43A3-ADD9-B55437DFE61F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E4236FE3-65C2-4099-A9B5-3D059AB9BF3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E8C8D23-7BE5-409F-95EA-0BD33A5B4660}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97DC601B-2C10-41CF-A22F-A994F8AA2C10}] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{C5E05D21-D19A-4C6F-8165-B85E9574C087}] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{13725AAA-FB78-4802-AA12-9543C9368206}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{10DAFC5D-85F4-41A4-8063-5C29AD8551E4}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{2853EA2D-29D4-4FD0-8FEA-EA3364A86E75}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{90DAE36E-93EE-4ED8-9B88-D2EB191A59E2}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{64BE3DDB-6D43-429D-9D39-7FDF07F052F3}] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{DB0926E0-97A4-4F77-8912-67791B481EF5}] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{13B8E610-A3E0-4C0A-A15E-F6BCC4DC1B8E}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{CCD85589-4C08-4798-AA76-7A08ED343327}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{464D7F89-32C1-4CD4-B8A4-03E03147E8B9}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{91971475-B49C-4AE0-AFFF-39D589EB44E0}] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [TCP Query User{F3F923F2-32B2-4623-AEC9-B6DE32C92151}C:\users\home\appdata\local\skypeplugin\7.1.0.63\pluginhost.exe] => (Allow) C:\users\home\appdata\local\skypeplugin\7.1.0.63\pluginhost.exe
FirewallRules: [UDP Query User{F2781CB4-3260-4B31-B7A7-43470FFC11ED}C:\users\home\appdata\local\skypeplugin\7.1.0.63\pluginhost.exe] => (Allow) C:\users\home\appdata\local\skypeplugin\7.1.0.63\pluginhost.exe
FirewallRules: [{1D59E467-7572-4D88-A41D-C6627E0FF059}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9B87114F-94FA-4830-82DB-E8E92F32837B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EA4757E3-1190-4E52-9B76-DCFD01314461}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A5E4AC39-EB21-4B1D-915E-287C0451EA8C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{35E73C5E-5166-46A8-9DD3-D2639159D645}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/28/2015 06:58:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:58:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:58:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:58:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:57:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:57:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:57:47 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:57:47 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:57:43 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (07/28/2015 06:57:43 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (07/28/2015 06:54:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/28/2015 06:51:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (07/28/2015 05:37:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/28/2015 01:17:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/28/2015 01:16:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:15:14 on 28/07/2015 was unexpected.
 
Error: (07/28/2015 12:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/28/2015 12:38:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (07/28/2015 12:38:24 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.0.10 for the Network Card with network address 001CBF1B0D3D has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
 
Error: (07/28/2015 10:46:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070020Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB3037573){7E80442D-8DCE-42D1-8EF4-FDF7B487475A}202
 
Error: (07/28/2015 10:46:41 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB3037573 (Security Update) into Resolved(Resolved) state
 
 
Microsoft Office:
=========================
Error: (07/28/2015 06:58:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
 
Error: (07/28/2015 06:58:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
 
Error: (07/28/2015 06:58:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS
 
Error: (07/28/2015 06:58:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS
 
Error: (07/28/2015 06:57:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES
 
Error: (07/28/2015 06:57:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES
 
Error: (07/28/2015 06:57:47 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
 
Error: (07/28/2015 06:57:47 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
 
Error: (07/28/2015 06:57:43 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS
 
Error: (07/28/2015 06:57:43 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\HOME\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS
 
 
CodeIntegrity Error:
===================================
  Date: 2015-07-28 19:19:00.543
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 19:19:00.300
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 19:19:00.053
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 19:18:59.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 15:00:57.685
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 15:00:57.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 15:00:56.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 15:00:56.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 14:42:22.254
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-28 14:42:21.944
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU T5250 @ 1.50GHz
Percentage of memory in use: 88%
Total physical RAM: 2045.69 MB
Available physical RAM: 231.8 MB
Total Virtual: 4330.64 MB
Available Virtual: 2217.52 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.88 GB) (Free:118.75 GB) NTFS ==>[drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 83108FCD)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End of log ============================


Edited by Queen-Evie, 28 July 2015 - 02:36 PM.
Moved from Am I Infected to Malware Removal Logs. FRST logs are allowed only in MRL forum.


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:26 PM

Posted 31 July 2015 - 07:38 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [UTWmedia] => regsvr32.exe C:\Users\Home\AppData\Local\UTWmedia\lepkor.dll <===== ATTENTION
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [Emktion] => C:\Windows\System32\regsvr32.exe C:\Users\Home\AppData\Local\Obics\lepkor.dll
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\Home\AppData\Local\Obics\lepkor.dll ATTENTION! ====> ZeroAccess?
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-14]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
Task: {04024C57-39AA-413D-8ECE-693F3AFC837D} - \WebBarUpdateTask No Task File <==== ATTENTION
Task: {05ED1A6B-41BC-4EF0-8713-3B44CED16A89} - \Price Fountain No Task File <==== ATTENTION
Task: {4BE9F546-864F-4B37-BCA0-DC1D964F13F4} - \Periodic Synchronize Task No Task File <==== ATTENTION
Task: {4E7846D8-B252-45BD-BEAE-68E8C353EE7D} - \WebBarLaunchTask No Task File <==== ATTENTION
C:\Users\Home\AppData\Local\UTWmedia
C:\Users\Home\AppData\Local\Obics

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

How is the computer running now?
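The three lepkor.dll entries in the fixlist above share one pattern: a registry value in the user's hive that loads a DLL from under AppData, either through regsvr32 from a Run key or through a per-user InprocServer32. The following is an added triage example, not part of the thread and not FRST's own code; the line layout is inferred from the lines on this page, and the function name, reason labels and the ExampleUpdater line are assumptions of the example.

```python
import re
from typing import List, NamedTuple

# Constructed sample: the three lepkor.dll lines from the fixlist above, plus
# one made-up benign Run entry (ExampleUpdater) for contrast.
SAMPLE = r"""
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [UTWmedia] => regsvr32.exe C:\Users\Home\AppData\Local\UTWmedia\lepkor.dll <===== ATTENTION
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...\Run: [Emktion] => C:\Windows\System32\regsvr32.exe C:\Users\Home\AppData\Local\Obics\lepkor.dll
HKU\S-1-5-21-2159580509-3706010778-2699225716-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\Home\AppData\Local\Obics\lepkor.dll ATTENTION! ====> ZeroAccess?
HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example\updater.exe
"""

# "<key>: [<value name>] [=> ]<data>" as it appears in the registry section.
ENTRY = re.compile(r"^(?P<key>HK[A-Z]+\\.*?): \[(?P<name>[^\]]*)\] (?:=> )?(?P<data>.*)$")
# Trailing annotations the tool appends; they are not part of the registry data.
NOTE = re.compile(r"\s*(?:<=+ ATTENTION|ATTENTION! =+>.*)$")
# A DLL below a user profile's AppData (paths containing spaces are not handled).
APPDATA_DLL = re.compile(r"[A-Za-z]:\\Users\\[^\\]+\\AppData\\\S+\.dll", re.I)
REGSVR32 = re.compile(r"(?:^|\\)regsvr32(?:\.exe)?\s", re.I)


class Finding(NamedTuple):
    name: str
    dll: str
    reasons: List[str]


def triage(log_text: str) -> List[Finding]:
    """Return registry entries that load a DLL from a user's AppData."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        data = NOTE.sub("", m["data"])
        dll = APPDATA_DLL.search(data)
        if not dll:
            continue
        reasons = ["DLL under user-writable AppData"]
        key = m["key"].lower()
        if key.endswith(("\\run", "\\runonce")) and REGSVR32.search(data):
            reasons.append("Run key loads it through regsvr32 at logon")
        if key.startswith("hku\\") and key.endswith("\\inprocserver32"):
            reasons.append("per-user COM InprocServer32 points at it")
        findings.append(Finding(m["name"], dll.group(0), reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.name}: {f.dll} ({'; '.join(f.reasons)})")
```

The second Run entry carries no ATTENTION marker in the log, yet it matches the same pattern as the first, which is why it is in the fixlist as well.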

#3 nasdaq

Posted 05 August 2015 - 07:56 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



