WinSysClean X5 cannot be installed?


HansGU

Unfortunately I am unable to install the program WinSysClean X5 on Windows 7 (64-bit). I did download the program from the specified website (with the registration code I received by e-mail).

I thought it would be wise to remove my older X4 version first. Unfortunately I had to do this manually because the program was no longer listed in Add/Remove. The latter may be because I restored a system backup about a month ago.

In any case, I removed WSC X4 by first deleting the folders and then also removing every registry reference to that program via regedit. I made no mistakes in doing so and used F3 each time for a new search. In the end no more references to X4 were found.

The result of all this is that I can now no longer install X5 because of the error messages below (2 screenshots are below).

53d0d1b0dcd22-dit_zie_ik.jpg


53d0d1d406c6b-dit_zie_ik2.jpg


Thanks in advance for any advice.
 
Download SystemLook.exe for 32-bit or 64-bit Windows
  • Download the file to the Desktop.

Starting SystemLook.exe:
  • Windows 2000 and Windows XP: start SystemLook.exe by double-clicking the shortcut.
  • Windows Vista, Windows 7 and Windows 8: start SystemLook.exe by right-clicking the shortcut and choosing "Run as administrator".
In the window that opens, copy the code below:
Code:
:filefind
WinSysClean
:folderfind
WinSysClean
:regfind
WinSysClean
  • Click the "Look" button to start the scan.
  • When the scan is finished, a text file opens (SystemLook.txt).
  • Post the contents of this log file.
 
Incidentally, I just tried to reinstall WinSysClean X4. That no longer works either.... OK Abraham, I will do that

---------- Post added at 12:30 ---------- Previous post was at 12:25 ----------

========== filefind ==========

Searching for "WinSysClean"
No files found.

========== folderfind ==========

Searching for "WinSysClean"
No folders found.

========== regfind ==========

Searching for "WinSysClean"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_WinSysClean.exe_5f0ab48f6cc992b7648ca514770c647cadbb5e_0c47f316"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WinSysClean.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_WinSysClean.exe_5f0ab48f6cc992b7648ca514770c647cadbb5e_0c47f316"
[HKEY_USERS\S-1-5-21-3321544612-3085500425-1333708152-1000\Software\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_WinSysClean.exe_5f0ab48f6cc992b7648ca514770c647cadbb5e_0c47f316"

-= EOF =-

That was the log, Abraham.
 
Now do the following:

System File Checker
Go to Start and type cmd in the search box; the corresponding shortcut now appears at the top of the Start menu.
Right-click this shortcut and choose Run as administrator.

In the black window, now type sfc /scannow and press the Enter key.
Mind the space after 'sfc'.
The black window then shows the progress of the scan.
SFC (System File Checker) means that system files are checked for correct functioning; repair follows where necessary.
Pay close attention to the last messages in the window: if it indicates that repair depends on a restart, then restart.

When the scan is finished and no reboot is needed, type Exit and press the Enter key.
Do let me know what the message in the black window was after the scan.
 
First, a screenshot of the message that appeared after sfc /scannow:

53d0e82aa1a63-resultaat_sfc_scan.jpg


Next I tried to open the CBS log file, which failed because I got the message: access denied.

I then copied the log file to my D partition, and to my surprise I could then open and read it (well, read...). It is a very large file (917,415 bytes) that I could not post. I got the message that a maximum of 140000 characters can be sent per post. So that is almost 7 instalments that would (possibly) have to be posted. The problem is that while posting I can hardly find where the previous part ended... Is there perhaps a way to post the entire log in one go? Splitting it into 7 parts seems unfeasible?
 
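Added example (not part of the original posts): one way to cut a copied CBS.log down to the lines System File Checker wrote (tagged [SR]) and to pack them into parts that fit the 140000-character post limit mentioned above. The sample log lines are constructed, and the message wording matched by the two patterns is an assumption based on typical SFC output.

```python
import re

SR_TAG = "[SR]"  # tag System File Checker puts on its own CBS.log entries

# Assumed message wording (typical SFC output); adjust if your log differs.
CANNOT_REPAIR = re.compile(
    r'\[SR\] Cannot repair member file \[[^\]]*\]"([^"]+)" of ([^,]+)')
REPAIRING = re.compile(
    r'\[SR\] Repairing corrupted file .*\]"([^"]+)" from store')

# Constructed sample in the CBS.log layout: timestamp, level, component, message.
SAMPLE_CBS_LOG = r"""2014-07-24 21:40:02, Info                  CBS    Starting TrustedInstaller initialization.
2014-07-24 21:41:10, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2014-07-24 21:41:10, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2014-07-24 21:41:12, Info                  CSI    00000008 Hashes for file member do not match actual file
2014-07-24 21:41:15, Info                  CSI    00000009 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7601.17514, hash mismatch
2014-07-24 21:41:15, Info                  CSI    0000000a [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7601.17514, hash mismatch
2014-07-24 21:41:20, Info                  CSI    0000000b [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini" from store
2014-07-24 21:41:30, Info                  CSI    0000000c [SR] Verify complete
2014-07-24 21:41:31, Info                  CBS    Session closed
"""


def sfc_lines(log_text):
    """Return only the lines System File Checker wrote (tagged [SR])."""
    return [ln for ln in log_text.splitlines() if SR_TAG in ln]


def summarize(sr_lines):
    """Collect files SFC could not repair (with their component) and files it repaired."""
    unrepaired, repaired = {}, set()
    for ln in sr_lines:
        m = CANNOT_REPAIR.search(ln)
        if m:
            # SFC usually logs the same failure more than once; keep one entry per file.
            unrepaired[m.group(1)] = m.group(2).strip()
            continue
        m = REPAIRING.search(ln)
        if m:
            repaired.add(m.group(1))
    return {"unrepaired": unrepaired, "repaired": sorted(repaired)}


def split_for_posting(lines, limit=140000):
    """Pack whole lines into parts of at most `limit` characters each."""
    parts, current, size = [], [], 0
    for ln in lines:
        ln = ln[:limit - 1]          # an oversized single line is truncated, not dropped
        cost = len(ln) + 1           # +1 for the newline that joins it to the next line
        if current and size + cost > limit:
            parts.append("\n".join(current))
            current, size = [], 0
        current.append(ln)
        size += cost
    if current:
        parts.append("\n".join(current))
    return parts


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # Path to a copy of CBS.log (the original is not readable without elevation).
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_CBS_LOG
    sr = sfc_lines(text)
    print(summarize(sr))
    parts = split_for_posting(sr)
    for i, part in enumerate(parts, 1):
        print(f"--- part {i} of {len(parts)} ---")
        print(part)
```

Because each part ends on a line boundary and is printed with a "part i of n" header, the end of one post and the start of the next are easy to match up.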
Download RSIT from the locations below and save it to the desktop.
Here is a description of how you can check whether you have a 32-bit or 64-bit version of Windows.

Download RSIT
Run RSIT
  • Double-click RSIT.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When you run RSIT for the first time, HijackThis will be downloaded if it is not present; allow this.
  • When the tool is finished, two Notepad files named "Log.txt" and "Info.txt" are opened.
Post the RSIT log files
  • Post the contents of the log file named Log.txt in your next message. (You can also find this log file in the folder "C:\rsit".)
  • The log file named "Info.txt", which is minimized, does not need to be posted. (This log file is only created the first time the tool is run.)
 
Hello Abraham, the RSIT log file is below

2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 11:46:57 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 11:46:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 11:46:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 11:46:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 11:46:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 11:46:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 11:46:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 11:46:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 11:46:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 11:46:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 11:46:55 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 11:46:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 11:46:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 11:46:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 11:46:54 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 11:46:54 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 11:46:53 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 11:46:53 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 11:46:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 11:46:50 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 11:46:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 11:46:49 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 11:46:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 11:46:48 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 11:46:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 11:46:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 11:46:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 17:23:43 ----D---- C:\The KMPlayer
2014-07-07 09:57:05 ----A---- C:\Windows\system32\drivers\48230029.sys
2014-07-02 20:39:48 ----D---- C:\Program Files\CCleaner
2014-07-01 09:25:13 ----D---- C:\Windows\SYSWOW64\%Report%
2014-06-24 02:24:47 ----D---- C:\Todo
2014-06-23 04:09:51 ----D---- C:\Users\HansG\AppData\Roaming\BeSpotted
2014-06-12 01:14:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-11 00:00:37 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 00:00:36 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 00:00:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 00:00:36 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 00:00:32 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 00:00:32 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-01 00:15:12 ----D---- C:\Users\HansG\AppData\Roaming\PhotoScape
2014-06-01 00:15:00 ----D---- C:\Program Files (x86)\PhotoScape
2014-05-29 10:23:29 ----D---- C:\Program Files (x86)\Free Video Joiner
2014-05-29 05:16:44 ----D---- C:\Program Files (x86)\DVDVideoSoft
2014-05-29 04:51:18 ----D---- C:\Program Files\Speccy
2014-05-29 04:15:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-29 04:15:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-29 04:15:58 ----A---- C:\Windows\system32\winlogon.exe
2014-05-29 04:15:57 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-29 04:15:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-29 04:15:57 ----A---- C:\Windows\system32\objsel.dll
2014-05-29 04:15:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-29 04:15:57 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\sspicli.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\secur32.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\lsass.exe
2014-05-29 04:15:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-29 04:15:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-29 04:15:56 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\adprovider.dll
2014-05-29 04:15:51 ----A---- C:\Windows\system32\shell32.dll
2014-05-29 04:15:50 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-29 02:32:20 ----ASH---- C:\pagefile.sys
2014-05-08 16:07:07 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-05-08 16:06:33 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-08 16:06:33 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-05-08 16:06:33 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-08 16:06:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-05-08 04:42:50 ----D---- C:\Program Files (x86)\ESET
2014-05-02 00:28:13 ----SD---- C:\Windows\system32\CompatTel
2014-04-27 08:59:53 ----D---- C:\Program Files (x86)\Solveig Multimedia

======List of files/folders modified in the last 3 months======

2014-07-25 08:11:15 ----RD---- C:\Program Files
2014-07-25 08:08:41 ----D---- C:\Windows\system32\config
2014-07-25 08:06:10 ----D---- C:\ProgramData\Kaspersky Lab
2014-07-24 22:11:47 ----D---- C:\Windows\Temp
2014-07-24 17:26:51 ----D---- C:\Windows\system32\Tasks
2014-07-24 14:00:08 ----D---- C:\Werk
2014-07-24 12:58:10 ----D---- C:\Input
2014-07-24 12:23:31 ----SHD---- C:\Windows\Installer
2014-07-24 11:23:24 ----D---- C:\Windows\Prefetch
2014-07-24 11:20:23 ----D---- C:\Windows
2014-07-24 11:20:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 11:20:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 10:49:41 ----RD---- C:\Program Files (x86)
2014-07-24 10:47:25 ----D---- C:\Windows\SysWOW64
2014-07-24 10:47:25 ----D---- C:\Windows\inf
2014-07-24 10:47:03 ----SHD---- C:\System Volume Information
2014-07-24 08:13:00 ----D---- C:\Windows\Logs
2014-07-23 21:22:08 ----HD---- C:\ProgramData
2014-07-23 21:21:19 ----D---- C:\Windows\System32
2014-07-21 22:31:23 ----D---- C:\Users\HansG\AppData\Roaming\Skype
2014-07-21 11:09:13 ----D---- C:\Windows\system32\LogFiles
2014-07-21 00:47:00 ----D---- C:\Users\HansG\AppData\Roaming\IrfanView
2014-07-20 19:28:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-19 02:38:39 ----D---- C:\Snapshots
2014-07-19 01:32:33 ----D---- C:\Users\HansG\AppData\Roaming\ObviousIdea
2014-07-18 22:17:44 ----D---- C:\Upload
2014-07-18 16:56:23 ----D---- C:\Windows\system32\catroot2
2014-07-16 13:45:38 ----D---- C:\Users\HansG\AppData\Roaming\dvdcss
2014-07-12 17:28:37 ----D---- C:\Windows\system32\drivers
2014-07-12 17:28:37 ----D---- C:\Windows\system32\catroot
2014-07-12 17:28:36 ----D---- C:\Windows\system32\DriverStore
2014-07-11 18:00:14 ----D---- C:\You Tube downloads
2014-07-11 17:27:47 ----D---- C:\Users\HansG\AppData\Roaming\Youtube Downloader HD
2014-07-09 12:13:03 ----D---- C:\Users\HansG\AppData\Roaming\vlc
2014-07-09 11:56:31 ----D---- C:\Windows\winsxs
2014-07-09 11:54:17 ----D---- C:\Program Files\Windows Journal
2014-07-09 11:54:16 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-09 11:54:16 ----D---- C:\Windows\system32\Dism
2014-07-09 11:54:16 ----D---- C:\Windows\ehome
2014-07-09 11:54:15 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-09 11:54:15 ----D---- C:\Windows\system32\nl-NL
2014-07-09 11:54:15 ----D---- C:\Windows\system32\en-US
2014-07-09 11:54:15 ----D---- C:\Program Files\Internet Explorer
2014-07-09 11:54:13 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 11:52:58 ----D---- C:\Windows\system32\MRT
2014-07-09 11:50:40 ----D---- C:\Windows\debug
2014-07-09 11:50:36 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 11:50:05 ----D---- C:\ProgramData\Microsoft Help
2014-07-08 17:49:38 ----D---- C:\Windows\Setup
2014-07-06 23:03:14 ----RD---- C:\Users
2014-07-03 23:17:25 ----RSD---- C:\Windows\assembly
2014-07-03 23:17:25 ----D---- C:\Users\HansG\AppData\Roaming\DVDVideoSoft
2014-07-02 21:24:06 ----D---- C:\Windows\SoftwareDistribution
2014-07-02 21:20:50 ----D---- C:\Windows\Speech
2014-07-02 21:03:39 ----D---- C:\Program Files (x86)\AnvSoft
2014-06-12 14:55:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-10 18:40:34 ----D---- C:\Program Files (x86)\FreeTime
2014-05-31 13:32:35 ----D---- C:\ProgramData\Skype
2014-05-31 13:32:32 ----RD---- C:\Program Files (x86)\Skype
2014-05-31 13:32:32 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 05:51:10 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2011-06-02 84536]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-10-31 132704]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-04-01 458336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-10-31 310368]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2011-06-02 66616]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-06-05 628288]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-04-01 29792]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-10-29 54368]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-10-29 178448]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2011-12-02 140816]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-29 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-29 29280]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-08-03 1289216]
S3 cleanhlp;cleanhlp; \??\C:\Users\HansG\Desktop\Run\cleanhlp64.sys [2014-03-05 57024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Anti-Virus-service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-10-29 356128]
R2 CSObjectsSrv;CryptoStorage control service; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 878368]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 OS Selector;Acronis OS Selector activeren; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-11-24 2159224]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PDFree\PDAgent.exe [2012-03-28 1882376]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-03-28 3290376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-10-29 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-10-29 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

---------- Post added at 08:18 ---------- Previous post was at 08:18 ----------

Hello Abraham, the RSIT log file is below.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HansG at 2014-07-25 08:11:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 78 GB (64%) free of 123 GB
Total RAM: 6142 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:11:23, on 25-7-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\trend micro\HansG.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
O4 - HKLM\..\Run: [EMET Agent] "C:\Program Files (x86)\EMET 4.1\EMET_agent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3321544612-3085500425-1333708152-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3321544612-3085500425-1333708152-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Acronis OS Selector activeren (OS Selector) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PDFree\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11017 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" -r
"C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Raxco\PDFree\PDAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
WLIDSvcM.exe 2092
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\rundll32.exe" P17RunE.dll,RunDLLEntry
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
"C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe

"C:\Users\HansG\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\HansG\AppData\Roaming\Mozilla\Firefox\Profiles\7xd9x9zx.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\HansG\AppData\Roaming\Mozilla\Firefox\Profiles\7xd9x9zx.default\extensions\
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-01 658624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-01 1074368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-01 518336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files\WOT\WOT.dll [2013-09-02 1753048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-01 584384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-01 542400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-01 885952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-01 428224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02 1430488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-01 488640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2013-09-02 1753048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02 1430488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-10-29 356128]
"EMET Agent"=C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [2013-11-12 78992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2014-04-13 295512]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPath"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-07-25 08:11:15 ----D---- C:\rsit
2014-07-25 08:11:15 ----D---- C:\Program Files\trend micro
2014-07-24 21:57:24 ----ASH---- C:\hiberfil.sys
2014-07-24 08:12:06 ----D---- C:\Windows\MiniDump
2014-07-23 21:22:08 ----D---- C:\ProgramData\Geevs
2014-07-23 21:21:19 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-07-23 21:21:19 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-07-23 21:21:17 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-07-23 21:21:17 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-07-23 21:21:16 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-07-23 21:21:16 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-07-23 21:21:15 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-07-23 21:21:15 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-07-18 15:28:05 ----D---- C:\Output
2014-07-18 11:36:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 11:47:55 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 11:47:46 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 11:47:46 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 11:47:42 ----A---- C:\Windows\system32\aepdu.dll
2014-07-09 11:47:41 ----A---- C:\Windows\system32\aeinv.dll
2014-07-09 11:47:40 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 11:47:40 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 11:47:40 ----A---- C:\Windows\system32\osk.exe
2014-07-09 11:47:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 11:47:36 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 11:47:36 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 11:47:35 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 11:47:35 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 11:47:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 11:47:35 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 11:47:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 11:47:35 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 11:47:35 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 11:47:35 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 11:47:35 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 11:47:35 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 11:47:35 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 11:46:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 11:46:57 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 11:46:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 11:46:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 11:46:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 11:46:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 11:46:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 11:46:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 11:46:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 11:46:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 11:46:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 11:46:55 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 11:46:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 11:46:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 11:46:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 11:46:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 11:46:54 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 11:46:54 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 11:46:53 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 11:46:53 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 11:46:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 11:46:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 11:46:51 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 11:46:50 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 11:46:50 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 11:46:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 11:46:49 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 11:46:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 11:46:48 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 11:46:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 11:46:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 11:46:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 17:23:43 ----D---- C:\The KMPlayer
2014-07-07 09:57:05 ----A---- C:\Windows\system32\drivers\48230029.sys
2014-07-02 20:39:48 ----D---- C:\Program Files\CCleaner
2014-07-01 09:25:13 ----D---- C:\Windows\SYSWOW64\%Report%
2014-06-24 02:24:47 ----D---- C:\Todo
2014-06-23 04:09:51 ----D---- C:\Users\HansG\AppData\Roaming\BeSpotted
2014-06-12 01:14:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-11 00:00:37 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 00:00:36 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 00:00:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 00:00:36 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 00:00:34 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 00:00:32 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 00:00:32 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-01 00:15:12 ----D---- C:\Users\HansG\AppData\Roaming\PhotoScape
2014-06-01 00:15:00 ----D---- C:\Program Files (x86)\PhotoScape
2014-05-29 10:23:29 ----D---- C:\Program Files (x86)\Free Video Joiner
2014-05-29 05:16:44 ----D---- C:\Program Files (x86)\DVDVideoSoft
2014-05-29 04:51:18 ----D---- C:\Program Files\Speccy
2014-05-29 04:15:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-29 04:15:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-29 04:15:58 ----A---- C:\Windows\system32\winlogon.exe
2014-05-29 04:15:57 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-29 04:15:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-29 04:15:57 ----A---- C:\Windows\system32\objsel.dll
2014-05-29 04:15:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-29 04:15:57 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\sspicli.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\secur32.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\lsass.exe
2014-05-29 04:15:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-29 04:15:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-29 04:15:56 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-29 04:15:56 ----A---- C:\Windows\system32\adprovider.dll
2014-05-29 04:15:51 ----A---- C:\Windows\system32\shell32.dll
2014-05-29 04:15:50 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-29 02:32:20 ----ASH---- C:\pagefile.sys
2014-05-08 16:07:07 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-05-08 16:06:33 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-08 16:06:33 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-05-08 16:06:33 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-08 16:06:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-05-08 04:42:50 ----D---- C:\Program Files (x86)\ESET
2014-05-02 00:28:13 ----SD---- C:\Windows\system32\CompatTel
2014-04-27 08:59:53 ----D---- C:\Program Files (x86)\Solveig Multimedia

======List of files/folders modified in the last 3 months======

2014-07-25 08:11:15 ----RD---- C:\Program Files
2014-07-25 08:08:41 ----D---- C:\Windows\system32\config
2014-07-25 08:06:10 ----D---- C:\ProgramData\Kaspersky Lab
2014-07-24 22:11:47 ----D---- C:\Windows\Temp
2014-07-24 17:26:51 ----D---- C:\Windows\system32\Tasks
2014-07-24 14:00:08 ----D---- C:\Werk
2014-07-24 12:58:10 ----D---- C:\Input
2014-07-24 12:23:31 ----SHD---- C:\Windows\Installer
2014-07-24 11:23:24 ----D---- C:\Windows\Prefetch
2014-07-24 11:20:23 ----D---- C:\Windows
2014-07-24 11:20:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 11:20:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 10:49:41 ----RD---- C:\Program Files (x86)
2014-07-24 10:47:25 ----D---- C:\Windows\SysWOW64
2014-07-24 10:47:25 ----D---- C:\Windows\inf
2014-07-24 10:47:03 ----SHD---- C:\System Volume Information
2014-07-24 08:13:00 ----D---- C:\Windows\Logs
2014-07-23 21:22:08 ----HD---- C:\ProgramData
2014-07-23 21:21:19 ----D---- C:\Windows\System32
2014-07-21 22:31:23 ----D---- C:\Users\HansG\AppData\Roaming\Skype
2014-07-21 11:09:13 ----D---- C:\Windows\system32\LogFiles
2014-07-21 00:47:00 ----D---- C:\Users\HansG\AppData\Roaming\IrfanView
2014-07-20 19:28:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-19 02:38:39 ----D---- C:\Snapshots
2014-07-19 01:32:33 ----D---- C:\Users\HansG\AppData\Roaming\ObviousIdea
2014-07-18 22:17:44 ----D---- C:\Upload
2014-07-18 16:56:23 ----D---- C:\Windows\system32\catroot2
2014-07-16 13:45:38 ----D---- C:\Users\HansG\AppData\Roaming\dvdcss
2014-07-12 17:28:37 ----D---- C:\Windows\system32\drivers
2014-07-12 17:28:37 ----D---- C:\Windows\system32\catroot
2014-07-12 17:28:36 ----D---- C:\Windows\system32\DriverStore
2014-07-11 18:00:14 ----D---- C:\You Tube downloads
2014-07-11 17:27:47 ----D---- C:\Users\HansG\AppData\Roaming\Youtube Downloader HD
2014-07-09 12:13:03 ----D---- C:\Users\HansG\AppData\Roaming\vlc
2014-07-09 11:56:31 ----D---- C:\Windows\winsxs
2014-07-09 11:54:17 ----D---- C:\Program Files\Windows Journal
2014-07-09 11:54:16 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-09 11:54:16 ----D---- C:\Windows\system32\Dism
2014-07-09 11:54:16 ----D---- C:\Windows\ehome
2014-07-09 11:54:15 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-09 11:54:15 ----D---- C:\Windows\system32\nl-NL
2014-07-09 11:54:15 ----D---- C:\Windows\system32\en-US
2014-07-09 11:54:15 ----D---- C:\Program Files\Internet Explorer
2014-07-09 11:54:13 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 11:52:58 ----D---- C:\Windows\system32\MRT
2014-07-09 11:50:40 ----D---- C:\Windows\debug
2014-07-09 11:50:36 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 11:50:05 ----D---- C:\ProgramData\Microsoft Help
2014-07-08 17:49:38 ----D---- C:\Windows\Setup
2014-07-06 23:03:14 ----RD---- C:\Users
2014-07-03 23:17:25 ----RSD---- C:\Windows\assembly
2014-07-03 23:17:25 ----D---- C:\Users\HansG\AppData\Roaming\DVDVideoSoft
2014-07-02 21:24:06 ----D---- C:\Windows\SoftwareDistribution
2014-07-02 21:20:50 ----D---- C:\Windows\Speech
2014-07-02 21:03:39 ----D---- C:\Program Files (x86)\AnvSoft
2014-06-12 14:55:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-10 18:40:34 ----D---- C:\Program Files (x86)\FreeTime
2014-05-31 13:32:35 ----D---- C:\ProgramData\Skype
2014-05-31 13:32:32 ----RD---- C:\Program Files (x86)\Skype
2014-05-31 13:32:32 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 05:51:10 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2011-06-02 84536]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-10-31 132704]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-04-01 458336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-10-31 310368]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2011-06-02 66616]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-06-05 628288]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-04-01 29792]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-10-29 54368]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-10-29 178448]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2011-12-02 140816]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-29 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-29 29280]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-08-03 1289216]
S3 cleanhlp;cleanhlp; \??\C:\Users\HansG\Desktop\Run\cleanhlp64.sys [2014-03-05 57024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Anti-Virus-service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-10-29 356128]
R2 CSObjectsSrv;CryptoStorage control service; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 878368]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 OS Selector;Acronis OS Selector activeren; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-11-24 2159224]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PDFree\PDAgent.exe [2012-03-28 1882376]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-03-28 3290376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-10-29 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-10-29 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

---------- Post added at 08:49 ---------- Previous post was at 08:18 ----------

It looks as if I posted the log file twice? (I don't understand how I didn't notice that)
 
Download ComboFix from one of these locations:
Download location: this program must be downloaded to the desktop, or otherwise moved to the desktop!

Antivirus programs and active malware scanners must already be disabled before you start ComboFix!
Here and here you will find information on how to disable antivirus programs and spyware scanners.

Notes:
  • All open programs and web pages must be closed.
Starting ComboFix:
  • Windows Vista, Windows 7 and Windows 8: right-click ComboFix.exe and choose "Als Administrator uitvoeren".
Once ComboFix has started:
  • Do not click in the black window; doing so can cause ComboFix, or even Windows, to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message via DDRMMR's color coder.
  • If the log does not open, it can be found at C:\ComboFix.txt
Important note:
  • If, after the scan, an error is shown when starting programs with the message:
  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Then restart the computer.
 
Abraham, during the ComboFix scan a pop-up kept appearing every few moments with the following error message: "Commandline Standard Stream Splitter werkt niet meer" ("has stopped working"). Fortunately I was able to click it away every time (sometimes several times in a row), but ComboFix was fortunately able to finish its scan. Among other things, an infected system file was found... The strange thing is that after the system had restarted itself and the text file had been created, the icons were no longer visible for:
EMET 4.1, Kaspersky Pure 3.0 (still not working), nVidia and Skype (all on the right in the system tray). What can I do about this? Is this worrying? The ComboFix log file follows below in the colour code:

N.B. After another reboot the programs just mentioned are working again!

[hjt]
combofix 14-07-24.01 - hansg 25-07-2014 12:18:26.1.2 - x64
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.6142.4596 [gmt 2:00]
gestart vanuit: c:\users\hansg\desktop\combofix.exe
av: kaspersky pure 3.0 *disabled/updated* {c3113fbf-4bcb-4461-d78d-6edfec9593e5}
fw: kaspersky pure 3.0 *disabled* {fb2abe9a-01a4-4539-fcd2-c7ea1246d49e}
sp: kaspersky pure 3.0 *disabled/updated* {7870de5b-6df1-4bef-ed3d-55ad9712d958}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
/wow section - stage 10
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
kan bestand temp0501 niet vinden.
.
/wow section - stage 16
kan bestand lockedb niet vinden.
het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
.
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\syswow64\smtp.ocx
c:\windows\wininit.ini
.
besmet exemplaar van c:\windows\syswow64\userinit.exe werd aangetroffen en gedesinfecteerd
hersteld exemplaar van - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
(((((((((((((((((((( bestanden gemaakt van 2014-06-25 to 2014-07-25 ))))))))))))))))))))))))))))))
.
.
2014-07-25 10:26 . 2014-07-25 10:26 -------- d-----w- c:\users\updatususer\appdata\local\temp
2014-07-25 10:26 . 2014-07-25 10:26 -------- d-----w- c:\users\default\appdata\local\temp
2014-07-25 06:11 . 2014-07-25 06:11 -------- d-----w- c:\rsit
2014-07-25 06:11 . 2014-07-25 06:11 -------- d-----w- c:\program files\trend micro
2014-07-24 10:22 . 2014-07-24 10:22 -------- d-----w- c:\users\hansg\appdata\local\packageaware
2014-07-23 19:22 . 2014-07-23 19:22 -------- d-----w- c:\programdata\geevs
2014-07-23 19:21 . 2010-06-02 02:55 239960 ----a-w- c:\windows\syswow64\xactengine3_7.dll
2014-07-23 19:21 . 2010-06-02 02:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2014-07-23 19:21 . 2010-05-26 09:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2014-07-23 19:21 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\syswow64\d3dcsx_43.dll
2014-07-23 19:21 . 2010-05-26 09:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-07-23 19:21 . 2010-05-26 09:41 470880 ----a-w- c:\windows\syswow64\d3dx10_43.dll
2014-07-23 19:21 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\syswow64\d3dx9_43.dll
2014-07-23 19:21 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\d3dx9_43.dll
2014-07-18 13:28 . 2014-07-23 04:20 -------- d-----w- c:\output
2014-07-18 09:36 . 2014-07-18 09:36 71344 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2014-07-18 09:36 . 2014-07-18 09:36 699056 ----a-w- c:\windows\syswow64\flashplayerapp.exe
2014-07-09 09:46 . 2014-06-20 20:14 810160 ----a-w- c:\program files\internet explorer\iexplore.exe
2014-07-08 15:23 . 2014-07-24 14:28 -------- d-----w- c:\the kmplayer
2014-07-07 07:57 . 2014-07-07 07:57 122584 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-07-02 18:39 . 2014-07-02 18:39 -------- d-----w- c:\program files\ccleaner
2014-07-01 07:25 . 2014-07-01 07:25 -------- d-----w- c:\windows\syswow64\%report%
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-25 07:01 . 2014-05-08 14:07 122584 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-07-20 18:20 . 2012-07-17 13:37 23256 ----a-w- c:\programdata\microsoft\identitycrl\production\ppcrlconfig600.dll
2014-07-09 09:50 . 2013-10-29 01:54 96441528 ----a-w- c:\windows\system32\mrt.exe
2014-06-05 11:01 . 2013-10-29 06:02 92768 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-06-05 11:01 . 2013-10-29 06:02 628288 ----a-w- c:\windows\system32\drivers\klif.sys
2014-05-12 05:26 . 2014-05-08 14:06 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-12 05:26 . 2014-05-08 14:06 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-12 05:25 . 2014-05-08 14:06 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-08 09:32 . 2014-06-10 22:00 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-10 22:00 16384 ----a-w- c:\windows\system32\rdpgrouppolicyextension.dll
.
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\kavoverlayicon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[hkey_classes_root\clsid\{dd230880-495a-11d1-b064-008048ec2fc5}]
2014-04-01 10:41 458944 ----a-w- c:\program files (x86)\kaspersky lab\kaspersky pure 3.0\shellex.dll
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"skype"=c:\program files (x86)\skype\phone\skype.exe [2014-05-08 21444224]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"p17rune"="p17rune.dll" [2008-03-28 14848]
"avp"=c:\program files (x86)\kaspersky lab\kaspersky pure 3.0\avp.exe [2013-10-29 356128]
"emet agent"=c:\program files (x86)\emet 4.1\emet_agent.exe [2013-11-12 78992]
"apsdaemon"=c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe [2013-04-21 59720]
"quicktime task"=c:\program files (x86)\quicktime\qttask.exe [2014-01-17 421888]
"tkbellexe"=c:\program files (x86)\real\realplayer\update\realsched.exe [2014-04-13 295512]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 5 (0x5)
"consentpromptbehavioruser"= 3 (0x3)
"enableuiadesktoptoggle"= 0 (0x0)
"enablesecureuiapath"= 1 (0x1)
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\windows]
"loadappinit_dlls"=1 (0x1)
.
[hkey_local_machine\system\currentcontrolset\control\session manager]
bootexecute reg_multi_sz pdboot.exe\0autocheck autochk *\0ampa
.
[hkey_local_machine\software\microsoft\security center\monitoring\kasperskyantivirus]
"disablemonitoring"=dword:00000001
.
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [x]
r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe;c:\program files (x86)\skype\updater\updater.exe [x]
r3 cleanhlp;cleanhlp;c:\users\hansg\desktop\run\cleanhlp64.sys;c:\users\hansg\desktop\run\cleanhlp64.sys [x]
r3 creative alchemy al6 licensing service;creative alchemy al6 licensing service;c:\program files (x86)\common files\creative labs shared\service\al6licensing.exe;c:\program files (x86)\common files\creative labs shared\service\al6licensing.exe [x]
r3 creative audio engine licensing service;creative audio engine licensing service;c:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe;c:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe [x]
r3 dg_ssudbus;samsung mobile usb composite device driver (devguru ver.);c:\windows\system32\drivers\ssudbus.sys;c:\windows\sysnative\drivers\ssudbus.sys [x]
r3 ieetwcollectorservice;internet explorer etw collector service;c:\windows\system32\ieetwcollector.exe;c:\windows\sysnative\ieetwcollector.exe [x]
r3 rdpvideominiport;remote desktop video miniport driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\sysnative\drivers\rdpvideominiport.sys [x]
r3 ssudmdm;samsung mobile usb modem drivers (devguru ver.);c:\windows\system32\drivers\ssudmdm.sys;c:\windows\sysnative\drivers\ssudmdm.sys [x]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\sysnative\drivers\tsusbflt.sys [x]
r3 tsusbgd;remote desktop generic usb device;c:\windows\system32\drivers\tsusbgd.sys;c:\windows\sysnative\drivers\tsusbgd.sys [x]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe;c:\windows\sysnative\wat\watadminsvc.exe [x]
s0 cscrysec;infowatch encrypt sector library driver;c:\windows\system32\drivers\cscrysec.sys;c:\windows\sysnative\drivers\cscrysec.sys [x]
s0 fltsrv;acronis storage filter management;c:\windows\system32\drivers\fltsrv.sys;c:\windows\sysnative\drivers\fltsrv.sys [x]
s1 csvirtualdiskdrv;infowatch virtual disk driver;c:\windows\system32\drivers\csvirtualdiskdrv.sys;c:\windows\sysnative\drivers\csvirtualdiskdrv.sys [x]
s1 klim6;kaspersky anti-virus ndis 6 filter;c:\windows\system32\drivers\klim6.sys;c:\windows\sysnative\drivers\klim6.sys [x]
s1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys;c:\windows\sysnative\drivers\kltdi.sys [x]
s1 kneps;kneps;c:\windows\system32\drivers\kneps.sys;c:\windows\sysnative\drivers\kneps.sys [x]
s2 csobjectssrv;cryptostorage control service;c:\program files (x86)\common files\infowatch\cryptostorage\protectedobjectssrv.exe;c:\program files (x86)\common files\infowatch\cryptostorage\protectedobjectssrv.exe [x]
s2 os selector;acronis os selector activeren;c:\program files (x86)\acronis\diskdirector\oss\reinstall_svc.exe;c:\program files (x86)\acronis\diskdirector\oss\reinstall_svc.exe [x]
s2 realnetworks downloader resolver service;realnetworks downloader resolver service;c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe;c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe [x]
s3 klkbdflt;kaspersky lab klkbdflt;c:\windows\system32\drivers\klkbdflt.sys;c:\windows\sysnative\drivers\klkbdflt.sys [x]
s3 klmouflt;kaspersky lab klmouflt;c:\windows\system32\drivers\klmouflt.sys;c:\windows\sysnative\drivers\klmouflt.sys [x]
.
.
--- andere services/drivers in geheugen ---
.
*newlycreated* - ws2ifsl
.
.
--------- x64 entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\kavoverlayicon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[hkey_classes_root\clsid\{dd230880-495a-11d1-b064-008048ec2fc5}]
2014-04-01 10:42 491200 ----a-w- c:\program files (x86)\kaspersky lab\kaspersky pure 3.0\x64\shellex.dll
.
------- bijkomende scan -------
.
ulocal page = c:\windows\system32\blank.htm
ustart page = [noparse]https://www.google.nl/[/noparse]
mlocal page = c:\windows\syswow64\blank.htm
ie: e&xporteren naar microsoft excel - c:\progra~2\micros~1\office12\excel.exe/3000
tcp: dhcpnameserver = 212.54.40.25 212.54.44.54
ff - profilepath - c:\users\hansg\appdata\roaming\mozilla\firefox\profiles\7xd9x9zx.default\
.
- - - - orphans verwijderd - - - -
.
safeboot-cleanhlp
safeboot-cleanhlp.sys
hklm_wow6432node-activesetup-{2d46b6dc-2207-486b-b523-a557e6d54b47} - start
addremove-{c5089197-5b15-44ad-b0fc-2e94ee9ecb63} - c:\programdata\{40930dbe-27f2-463d-bd27-55bfd6a91a95}\wsc_x1.exe
.
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
------------------------ andere aktieve processen ------------------------
.
c:\program files (x86)\creative\shared files\ctaudsvc.exe
c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
.
**************************************************************************
.
voltooingstijd: 2014-07-25 12:32:53 - machine werd herstart
combofix-quarantined-files.txt 2014-07-25 10:32
.
pre-run: 81.735.409.664 bytes beschikbaar
post-run: 81.305.722.880 bytes beschikbaar
.
- - end of file - - 5a8031c61e1f4b36569c167808ebe328
a36c5e4f47e84449ff07ed3517b43a31

[/hjt]

---------- Post added at 13:08 ---------- Previous post was at 12:51 ----------

I am a bit disappointed in Kaspersky now.

Surely that program should have recognised an infected system file long ago, after countless scans?
 
No antivirus software provides 100% protection.
Since when have you been using Kaspersky?


Download TDSSKiller and save (or move) the download to the desktop.

  • Double-click TDSSKiller.exe to start the tool. (If you downloaded TDSSKiller as a ZIP file, you need to extract it first.)
  • If TDSSKiller finds an update, click the "Load update" button.
  • A new version of TDSSKiller will now be downloaded; save it to the desktop.
  • Now start TDSSKiller again.
  • In the licence screen, click "Accept" to continue.
  • You will then see the "Kaspersky Security Network Statement" screen; click "Accept" here as well.
  • Click "Change parameters" and make sure all of the options below are ticked.

    [Screenshot: TDSSKiller parameters]

  • Click the "Start Scan" button and follow the instructions.

  • Never use the "Delete" or "Quarantine" option for a "Fail signature" message.
  • If a restart was needed, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • Post the contents of this log file in your next post.
 
I have been using Kaspersky Pure 3.0 for almost 1 year, Abraham. The licence expires, if I have it right, on 28 August. I don't know whether I will take it again then...
Now the TDSS log:

15:04:27.0141 0x1258 defragsvc - ok
15:04:27.0171 0x1258 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:04:27.0171 0x1258 DfsC - ok
15:04:27.0211 0x1258 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:04:27.0211 0x1258 dg_ssudbus - ok
15:04:27.0241 0x1258 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:04:27.0251 0x1258 Dhcp - ok
15:04:27.0261 0x1258 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:04:27.0261 0x1258 discache - ok
15:04:27.0281 0x1258 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:04:27.0281 0x1258 Disk - ok
15:04:27.0321 0x1258 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:04:27.0321 0x1258 Dnscache - ok
15:04:27.0351 0x1258 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:04:27.0351 0x1258 dot3svc - ok
15:04:27.0381 0x1258 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:04:27.0381 0x1258 DPS - ok
15:04:27.0411 0x1258 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:04:27.0411 0x1258 drmkaud - ok
15:04:27.0471 0x1258 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:04:27.0491 0x1258 DXGKrnl - ok
15:04:27.0531 0x1258 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:04:27.0531 0x1258 EapHost - ok
15:04:27.0651 0x1258 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:04:27.0731 0x1258 ebdrv - ok
15:04:27.0771 0x1258 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
15:04:27.0771 0x1258 EFS - ok
15:04:27.0831 0x1258 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:04:27.0851 0x1258 ehRecvr - ok
15:04:27.0861 0x1258 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:04:27.0861 0x1258 ehSched - ok
15:04:27.0911 0x1258 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:04:27.0921 0x1258 elxstor - ok
15:04:27.0941 0x1258 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:04:27.0941 0x1258 ErrDev - ok
15:04:27.0991 0x1258 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:04:28.0001 0x1258 EventSystem - ok
15:04:28.0021 0x1258 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:04:28.0031 0x1258 exfat - ok
15:04:28.0051 0x1258 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:04:28.0051 0x1258 fastfat - ok
15:04:28.0091 0x1258 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:04:28.0111 0x1258 Fax - ok
15:04:28.0131 0x1258 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:04:28.0141 0x1258 fdc - ok
15:04:28.0171 0x1258 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:04:28.0171 0x1258 fdPHost - ok
15:04:28.0181 0x1258 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:04:28.0181 0x1258 FDResPub - ok
15:04:28.0201 0x1258 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:04:28.0201 0x1258 FileInfo - ok
15:04:28.0211 0x1258 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:04:28.0211 0x1258 Filetrace - ok
15:04:28.0231 0x1258 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:04:28.0231 0x1258 flpydisk - ok
15:04:28.0261 0x1258 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:04:28.0261 0x1258 FltMgr - ok
15:04:28.0291 0x1258 [ B8AFE7A30D34C0E9FDBA81632294547C, B972AE00CA877A5BB439F797016530FB06C7F1BADD24383863F48E6744CFB700 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
15:04:28.0301 0x1258 fltsrv - ok
15:04:28.0361 0x1258 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
15:04:28.0391 0x1258 FontCache - ok
15:04:28.0431 0x1258 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:04:28.0431 0x1258 FontCache3.0.0.0 - ok
15:04:28.0441 0x1258 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:04:28.0441 0x1258 FsDepends - ok
15:04:28.0471 0x1258 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:04:28.0471 0x1258 Fs_Rec - ok
15:04:28.0501 0x1258 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:04:28.0511 0x1258 fvevol - ok
15:04:28.0541 0x1258 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:04:28.0541 0x1258 gagp30kx - ok
15:04:28.0591 0x1258 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:04:28.0641 0x1258 gpsvc - ok
15:04:28.0661 0x1258 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:04:28.0661 0x1258 hcw85cir - ok
15:04:28.0701 0x1258 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:04:28.0721 0x1258 HDAudBus - ok
15:04:28.0731 0x1258 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:04:28.0731 0x1258 HidBatt - ok
15:04:28.0741 0x1258 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:04:28.0751 0x1258 HidBth - ok
15:04:28.0761 0x1258 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:04:28.0761 0x1258 HidIr - ok
15:04:28.0771 0x1258 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
15:04:28.0771 0x1258 hidserv - ok
15:04:28.0811 0x1258 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:04:28.0811 0x1258 HidUsb - ok
15:04:28.0841 0x1258 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:04:28.0851 0x1258 hkmsvc - ok
15:04:28.0861 0x1258 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:04:28.0871 0x1258 HomeGroupListener - ok
15:04:28.0891 0x1258 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:04:28.0901 0x1258 HomeGroupProvider - ok
15:04:28.0931 0x1258 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:04:28.0931 0x1258 HpSAMD - ok
15:04:28.0961 0x1258 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:04:28.0981 0x1258 HTTP - ok
15:04:28.0991 0x1258 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:04:28.0991 0x1258 hwpolicy - ok
15:04:29.0021 0x1258 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:04:29.0021 0x1258 i8042prt - ok
15:04:29.0051 0x1258 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:04:29.0061 0x1258 iaStorV - ok
15:04:29.0121 0x1258 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:04:29.0141 0x1258 idsvc - ok
15:04:29.0161 0x1258 IEEtwCollectorService - ok
15:04:29.0191 0x1258 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:04:29.0191 0x1258 iirsp - ok
15:04:29.0241 0x1258 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:04:29.0261 0x1258 IKEEXT - ok
15:04:29.0291 0x1258 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:04:29.0291 0x1258 intelide - ok
15:04:29.0311 0x1258 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:04:29.0311 0x1258 intelppm - ok
15:04:29.0331 0x1258 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:04:29.0331 0x1258 IPBusEnum - ok
15:04:29.0341 0x1258 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:04:29.0351 0x1258 IpFilterDriver - ok
15:04:29.0391 0x1258 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:04:29.0401 0x1258 iphlpsvc - ok
15:04:29.0411 0x1258 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:04:29.0421 0x1258 IPMIDRV - ok
15:04:29.0451 0x1258 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:04:29.0451 0x1258 IPNAT - ok
15:04:29.0461 0x1258 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:04:29.0461 0x1258 IRENUM - ok
15:04:29.0471 0x1258 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:04:29.0481 0x1258 isapnp - ok
15:04:29.0511 0x1258 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:04:29.0521 0x1258 iScsiPrt - ok
15:04:29.0551 0x1258 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:04:29.0551 0x1258 kbdclass - ok
15:04:29.0581 0x1258 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:04:29.0581 0x1258 kbdhid - ok
15:04:29.0591 0x1258 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
15:04:29.0591 0x1258 KeyIso - ok
15:04:29.0641 0x1258 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
15:04:29.0651 0x1258 kl1 - ok
15:04:29.0711 0x1258 [ 70D959CB6DC1F2AC6AFF3AC20891939D, 22EECAD6C8DD9C2691D707950FFCD5DBA929942450B7E2E69F5DDE9DD4E7DBFE ] KLIF C:\Windows\system32\DRIVERS\klif.sys
15:04:29.0731 0x1258 KLIF - ok
15:04:29.0731 0x1258 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
15:04:29.0741 0x1258 KLIM6 - ok
15:04:29.0751 0x1258 [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
15:04:29.0751 0x1258 klkbdflt - ok
15:04:29.0761 0x1258 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
15:04:29.0771 0x1258 klmouflt - ok
15:04:29.0781 0x1258 [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
15:04:29.0781 0x1258 kltdi - ok
15:04:29.0831 0x1258 [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
15:04:29.0831 0x1258 kneps - ok
15:04:29.0861 0x1258 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:04:29.0861 0x1258 KSecDD - ok
15:04:29.0881 0x1258 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:04:29.0881 0x1258 KSecPkg - ok
15:04:29.0901 0x1258 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:04:29.0901 0x1258 ksthunk - ok
15:04:29.0931 0x1258 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:04:29.0941 0x1258 KtmRm - ok
15:04:29.0981 0x1258 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:04:29.0991 0x1258 LanmanServer - ok
15:04:30.0021 0x1258 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:04:30.0031 0x1258 LanmanWorkstation - ok
15:04:30.0061 0x1258 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:04:30.0061 0x1258 lltdio - ok
15:04:30.0081 0x1258 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:04:30.0091 0x1258 lltdsvc - ok
15:04:30.0111 0x1258 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:04:30.0111 0x1258 lmhosts - ok
15:04:30.0141 0x1258 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:04:30.0151 0x1258 LSI_FC - ok
15:04:30.0171 0x1258 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:04:30.0171 0x1258 LSI_SAS - ok
15:04:30.0181 0x1258 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:04:30.0191 0x1258 LSI_SAS2 - ok
15:04:30.0201 0x1258 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:04:30.0201 0x1258 LSI_SCSI - ok
15:04:30.0221 0x1258 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:04:30.0231 0x1258 luafv - ok
15:04:30.0241 0x1258 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:04:30.0251 0x1258 Mcx2Svc - ok
15:04:30.0271 0x1258 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:04:30.0271 0x1258 megasas - ok
15:04:30.0311 0x1258 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:04:30.0321 0x1258 MegaSR - ok
15:04:30.0341 0x1258 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:04:30.0351 0x1258 MMCSS - ok
15:04:30.0361 0x1258 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:04:30.0361 0x1258 Modem - ok
15:04:30.0391 0x1258 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:04:30.0391 0x1258 monitor - ok
15:04:30.0401 0x1258 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:04:30.0411 0x1258 mouclass - ok
15:04:30.0431 0x1258 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:04:30.0431 0x1258 mouhid - ok
15:04:30.0441 0x1258 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:04:30.0441 0x1258 mountmgr - ok
15:04:30.0511 0x1258 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:04:30.0511 0x1258 MozillaMaintenance - ok
15:04:30.0541 0x1258 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:04:30.0541 0x1258 mpio - ok
15:04:30.0561 0x1258 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:04:30.0561 0x1258 mpsdrv - ok
15:04:30.0611 0x1258 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:04:30.0631 0x1258 MpsSvc - ok
15:04:30.0661 0x1258 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:04:30.0661 0x1258 MRxDAV - ok
15:04:30.0681 0x1258 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:04:30.0691 0x1258 mrxsmb - ok
15:04:30.0711 0x1258 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:04:30.0721 0x1258 mrxsmb10 - ok
15:04:30.0721 0x1258 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:04:30.0731 0x1258 mrxsmb20 - ok
15:04:30.0751 0x1258 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:04:30.0751 0x1258 msahci - ok
15:04:30.0771 0x1258 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:04:30.0771 0x1258 msdsm - ok
15:04:30.0791 0x1258 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:04:30.0801 0x1258 MSDTC - ok
15:04:30.0821 0x1258 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:04:30.0821 0x1258 Msfs - ok
15:04:30.0841 0x1258 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:04:30.0841 0x1258 mshidkmdf - ok
15:04:30.0861 0x1258 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:04:30.0861 0x1258 msisadrv - ok
15:04:30.0891 0x1258 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:04:30.0891 0x1258 MSiSCSI - ok
15:04:30.0901 0x1258 msiserver - ok
15:04:30.0931 0x1258 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:04:30.0931 0x1258 MSKSSRV - ok
15:04:30.0931 0x1258 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:04:30.0931 0x1258 MSPCLOCK - ok
15:04:30.0941 0x1258 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:04:30.0941 0x1258 MSPQM - ok
15:04:30.0961 0x1258 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:04:30.0971 0x1258 MsRPC - ok
15:04:30.0991 0x1258 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:04:30.0991 0x1258 mssmbios - ok
15:04:30.0991 0x1258 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:04:30.0991 0x1258 MSTEE - ok
15:04:31.0011 0x1258 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:04:31.0011 0x1258 MTConfig - ok
15:04:31.0041 0x1258 [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
15:04:31.0041 0x1258 MTsensor - ok
15:04:31.0081 0x1258 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:04:31.0081 0x1258 Mup - ok
15:04:31.0142 0x1258 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:04:31.0152 0x1258 napagent - ok
15:04:31.0192 0x1258 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:04:31.0202 0x1258 NativeWifiP - ok
15:04:31.0262 0x1258 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:04:31.0282 0x1258 NDIS - ok
15:04:31.0302 0x1258 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:04:31.0302 0x1258 NdisCap - ok
15:04:31.0312 0x1258 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:04:31.0312 0x1258 NdisTapi - ok
15:04:31.0332 0x1258 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:04:31.0332 0x1258 Ndisuio - ok
15:04:31.0352 0x1258 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:04:31.0352 0x1258 NdisWan - ok
15:04:31.0372 0x1258 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:04:31.0372 0x1258 NDProxy - ok
15:04:31.0392 0x1258 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:04:31.0392 0x1258 NetBIOS - ok
15:04:31.0412 0x1258 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:04:31.0412 0x1258 NetBT - ok
15:04:31.0422 0x1258 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
15:04:31.0432 0x1258 Netlogon - ok
15:04:31.0462 0x1258 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:04:31.0472 0x1258 Netman - ok
15:04:31.0492 0x1258 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:04:31.0492 0x1258 NetMsmqActivator - ok
15:04:31.0532 0x1258 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:04:31.0532 0x1258 NetPipeActivator - ok
15:04:31.0562 0x1258 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:04:31.0572 0x1258 netprofm - ok
15:04:39.0244 0x1258 WebClient - ok
15:04:39.0274 0x1258 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:04:39.0274 0x1258 Wecsvc - ok
15:04:39.0294 0x1258 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:04:39.0294 0x1258 wercplsupport - ok
15:04:39.0334 0x1258 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:04:39.0334 0x1258 WerSvc - ok
15:04:39.0364 0x1258 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:04:39.0364 0x1258 WfpLwf - ok
15:04:39.0384 0x1258 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:04:39.0384 0x1258 WIMMount - ok
15:04:39.0404 0x1258 WinDefend - ok
15:04:39.0434 0x1258 WinHttpAutoProxySvc - ok
15:04:39.0484 0x1258 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:04:39.0484 0x1258 Winmgmt - ok
15:04:39.0574 0x1258 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
15:04:39.0624 0x1258 WinRM - ok
15:04:39.0684 0x1258 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:04:39.0684 0x1258 WinUsb - ok
15:04:39.0734 0x1258 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:04:39.0764 0x1258 Wlansvc - ok
15:04:39.0906 0x1258 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:04:39.0966 0x1258 wlidsvc - ok
15:04:39.0986 0x1258 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:04:39.0986 0x1258 WmiAcpi - ok
15:04:40.0006 0x1258 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:04:40.0016 0x1258 wmiApSrv - ok
15:04:40.0036 0x1258 WMPNetworkSvc - ok
15:04:40.0056 0x1258 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:04:40.0056 0x1258 WPCSvc - ok
15:04:40.0076 0x1258 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:04:40.0076 0x1258 WPDBusEnum - ok
15:04:40.0096 0x1258 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:04:40.0096 0x1258 ws2ifsl - ok
15:04:40.0116 0x1258 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
15:04:40.0116 0x1258 wscsvc - ok
15:04:40.0126 0x1258 WSearch - ok
15:04:40.0236 0x1258 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
15:04:40.0296 0x1258 wuauserv - ok
15:04:40.0326 0x1258 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:04:40.0326 0x1258 WudfPf - ok
15:04:40.0356 0x1258 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:04:40.0356 0x1258 WUDFRd - ok
15:04:40.0366 0x1258 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:04:40.0376 0x1258 wudfsvc - ok
15:04:40.0396 0x1258 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:04:40.0406 0x1258 WwanSvc - ok
15:04:40.0416 0x1258 ================ Scan global ===============================
15:04:40.0446 0x1258 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:04:40.0476 0x1258 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:04:40.0496 0x1258 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:04:40.0516 0x1258 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:04:40.0536 0x1258 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:04:40.0546 0x1258 [ Global ] - ok
15:04:40.0546 0x1258 ================ Scan MBR ==================================
15:04:40.0556 0x1258 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:04:40.0726 0x1258 \Device\Harddisk0\DR0 - ok
15:04:40.0726 0x1258 ================ Scan VBR ==================================
15:04:40.0726 0x1258 [ AD06F0C2DFD967C5F00BBD17908F7A2E ] \Device\Harddisk0\DR0\Partition1
15:04:40.0726 0x1258 \Device\Harddisk0\DR0\Partition1 - ok
15:04:40.0736 0x1258 [ C145272AD06C0BFEC4D32C169E6A47E3 ] \Device\Harddisk0\DR0\Partition2
15:04:40.0736 0x1258 \Device\Harddisk0\DR0\Partition2 - ok
15:04:40.0736 0x1258 [ 44FCB7C82FFDE2C0865A2F002F323B4F ] \Device\Harddisk0\DR0\Partition3
15:04:40.0736 0x1258 \Device\Harddisk0\DR0\Partition3 - ok
15:04:40.0746 0x1258 ================ Scan generic autorun ======================
15:04:40.0746 0x1258 P17RunE - ok
15:04:40.0796 0x1258 [ 7E91655B4947EC1B18B3BC1645839145, 4425326D019A7A6380B71D6710AD94D58A11E1BC5BA42159DD4A17437A296C48 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
15:04:40.0806 0x1258 AVP - ok
15:04:40.0836 0x1258 [ E350385CF8113BE4A1D5ABEFC2B0F04C, CCE22F609274A1782F9EA563E5841786AAD142C246698648A8710C113073BFC1 ] C:\Program Files (x86)\EMET 4.1\EMET_agent.exe
15:04:40.0836 0x1258 EMET Agent - ok
15:04:40.0876 0x1258 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:04:40.0886 0x1258 APSDaemon - ok
15:04:40.0936 0x1258 [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:04:40.0946 0x1258 QuickTime Task - ok
15:04:40.0986 0x1258 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
15:04:40.0996 0x1258 TkBellExe - ok
15:04:41.0016 0x1258 Skype - ok
15:04:41.0086 0x1258 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:04:41.0116 0x1258 Sidebar - ok
15:04:41.0148 0x1258 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:04:41.0148 0x1258 mctadmin - ok
15:04:41.0218 0x1258 [ 92BB68A095EE0ED8EBA5C68591F3F541, 4FE9E52380B935A5AA8E3DAD747E1B9B9DE5B0E6B0802DA6FB3498015201DC6B ] C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe
15:04:41.0228 0x1258 CTAutoUpdate - ok
15:04:41.0298 0x1258 [ 15BA44432E0BAC44233D1203DD33457B, 73874E1AD8D8E94EBAAAE4CEDED963A74AD0EE03D0AA660E34043DDAAFD06DCC ] C:\Program Files (x86)\Creative\Productregistratie\Dutch\InetReg.exe
15:04:41.0318 0x1258 InetReg - ok
15:04:41.0318 0x1258 Waiting for KSN requests completion. In queue: 331
15:04:42.0318 0x1258 Waiting for KSN requests completion. In queue: 331
15:04:43.0320 0x1258 Waiting for KSN requests completion. In queue: 20
15:04:44.0340 0x1258 AV detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmiav.exe ( 13.0.2.558 ), 0x41000 ( enabled : updated )
15:04:44.0350 0x1258 FW detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmifw.exe ( 13.0.2.558 ), 0x41010 ( enabled )
15:04:47.0012 0x1258 ============================================================
15:04:47.0012 0x1258 Scan finished
15:04:47.0012 0x1258 ============================================================
15:04:47.0022 0x0b68 Detected object count: 0
15:04:47.0022 0x0b68 Actual detected object count: 0
15:05:08.0320 0x0440 Deinitialize success
 
Download
Farbar Recovery Scan Tool, 32-bit or 64-bit, from one of the links below
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Download location: This program must be downloaded to the desktop, or moved there afterwards!
Notes:
  • All open programs and web pages must be closed.
Starting FRST:
  • Windows 2000 and Windows XP: double-click FRST.exe.
  • Windows Vista, Windows 7 and Windows 8: right-click FRST.exe or FRST64.exe and choose "Run as administrator".
Once FRST has started:
  • When the program has opened, click the Yes button on the disclaimer.
  • Then press the Scan button.
  • A log file (FRST.txt) will then be created and saved to the desktop.
  • Post the contents of FRST.txt in your next message.
 
I had first switched off my Kaspersky antivirus, Abraham. Was that OK?

The log follows below:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 01
Ran by HansG at 2014-07-25 15:36:15
Running from C:\Users\HansG\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis*Disk*Director*11*Home (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Any Video Converter 5.6.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 10 v.10.2.6 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Bridge Base Online (HKLM-x32\...\Bridge_Base_Online) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Configuratiescherm voor geluid (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
CuteFTP (HKLM-x32\...\CuteFTP) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.1.514 - DVDVideoSoft Ltd.)
Free Video Joiner (HKLM-x32\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com)
Free Video to MP3 Converter version 5.0.44.623 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.44.623 - DVDVideoSoft Ltd.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Light Image Resizer 4.0.7.4 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.7.4 - ObviousIdea)
Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Meda MP3 Joiner 1.2 (HKLM-x32\...\Meda MP3 Joiner_is1) (Version: - MedaFan Technology)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (x32 Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version: - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NBB-Rekenprogramma (HKLM-x32\...\NBBReken_is1) (Version: 2.8.31 - Bridge Systems BV / Nederlandse Bridge Bond)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA Grafisch stuurprogramma 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA-configuratiescherm 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PerfectDisk Free Defrag (HKLM\...\{56C0C063-2B3B-4B9B-8C1F-51C895EA1F0C}) (Version: 1.0.0 - Raxco Software Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SetupCrystalReportsClientXIR2 (HKLM-x32\...\{A0912B60-2587-457E-8345-0D820EEA6C6F}) (Version: 1.0.0 - Microsoft)
Skype 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer 2.1.1307.29) (Version: 2.1.1307.29 - Solveig Multimedia)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
StepBridge (HKLM-x32\...\StepBridge) (Version: - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.125 - PandoraTV)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0413-0000-0000000FF1CE}_PROPLUS_{F8564AF8-30AE-4427-ACF3-69714E1BB656}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
Youtube Downloader HD v. 2.9.9.13 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

21-07-2014 09:20:32 WinSysClean Restore Point
23-07-2014 19:20:54 DirectX is geïnstalleerd.
24-07-2014 01:00:10 Windows Update
24-07-2014 08:46:46 Revo Uninstaller's restore point - Lightworks

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-25 12:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11EBE2AE-982F-49AA-9CD2-FA0CDCDB656F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6517D105-C87D-44EF-B86B-E848970692AA} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3321544612-3085500425-1333708152-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B91AC595-3E92-4C3E-9B47-27148C8F3D1F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BA6A0A92-C24C-4AC2-91C4-5B23E47148F2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3321544612-3085500425-1333708152-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D3CBE367-EF11-40E8-B645-40D151E9F243} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {D6C88C99-063B-45E2-96B8-EDB79662F4D9} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3321544612-3085500425-1333708152-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E3FEC0D3-93E4-419E-9036-562ECC8CEACB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3321544612-3085500425-1333708152-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F5682221-3725-43AF-9F29-E0DF745A3FF5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3321544612-3085500425-1333708152-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)

==================== Loaded Modules (whitelisted) =============

2013-11-12 10:38 - 2013-11-12 10:38 - 00089232 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE64.DLL
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2011-11-24 19:39 - 2011-11-24 19:39 - 02159224 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2013-10-28 16:09 - 2013-01-31 11:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-12 10:22 - 2013-11-12 10:22 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 10:22 - 2013-11-12 10:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-06-12 16:53 - 2013-06-12 16:53 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-12 10:22 - 2013-11-12 10:22 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-12 10:22 - 2013-11-12 10:22 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2013-11-12 10:38 - 2013-11-12 10:38 - 00080528 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE.DLL
2013-10-29 18:49 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2013-10-29 18:49 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\HansG\Documents\vrijdagladder.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Ethernet-controller
Description: Ethernet-controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB IMT-0521 SCR
Description: USB IMT-0521 SCR
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/25/2014 00:56:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 00:29:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 00:25:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0x1098
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:25:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0xbc4
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:25:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0x1958
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0x164c
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:24:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0x1500
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:24:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0x12e4
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:24:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0x10fc
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3

Error: (07/25/2014 00:24:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002833
Id van proces met fout: 0xa28
Starttijd van toepassing met fout: 0xmtee.3XE0
Pad naar toepassing met fout: mtee.3XE1
Pad naar module met fout: mtee.3XE2
Rapport-id: mtee.3XE3


System errors:
=============
Error: (07/25/2014 00:26:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

Error: (07/25/2014 00:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma.

Error: (07/25/2014 00:22:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

Error: (07/22/2014 00:28:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (07/22/2014 03:03:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Function Discovery Resource Publication-service is gestopt met de volgende foutcode:
%%-2147014847.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-07-25 12:26:29.826
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand genstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2014-07-25 12:26:29.756
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand genstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2014-04-26 11:44:35.121
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-04-26 11:44:35.121
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-04-26 11:44:35.121
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-04-26 11:37:29.990
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-04-26 11:37:29.990
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-04-26 11:37:29.990
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-03-30 00:42:40.653
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2014-03-30 00:42:40.653
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 6142.49 MB
Available physical RAM: 4829.38 MB
Total Pagefile: 12283.16 MB
Available Pagefile: 10789.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (1e-partitie) (Fixed) (Total:119.69 GB) (Free:75.08 GB) NTFS
Drive d: (2e-partitie) (Fixed) (Total:113.09 GB) (Free:107.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 8B37D382)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=120 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
Disable Windows Defender
To do this, go to "Start\Run" and enter the command: services.msc.
Click the OK button.
N.B.: Run can also be opened by pressing the Windows key and the R key at the same time.

In the Services window, scroll to Windows Defender.
Double-click that entry and set "Startup type" to "Disabled".

Now first click the Apply button; then click the Stop button, wait a moment, and finally click OK.
After that you can close the Services window again.


Download Windows Repair All in One.

Please read this long guide all the way through before you begin.
Note: before Windows Repair All in One performs the fix, first close all other open windows!

  • Double-click "tweaking.com_windows_repair_aio_setup.exe" to start its installation.
  • Windows Vista, 7 & 8: right-click the setup.exe and then choose Run as administrator.
  • In the screen that appears, click "Next" to install the program on the computer.
  • Follow the remaining installation instructions; when the installation is finished, click "Next" and then "Finish".
  • The program will then start automatically.
  • If you are told that an update is available, click YES to accept it.
    • If you do not have a working internet connection, choose the option "NO".
  • In the screen that now appears, click "Next" as shown in the image below.
    50e858705e33a-WRAIO-b.png
  • In the next screen / tab Step1, click "Next" again.
  • In the following screen Step2, click "Next" again.
  • In the following screen Step3, click "Do it" to run the System File Checker, as you can see in the image below.
    50e859733a1c7-WRAIO-c.png
  • A CMD / DOS-like window will now open automatically; press a key there to continue.
    50e859d39eff0-WRAIO-d.png
  • When this scan is finished, click "Next" again.
  • In the following screen Step4, click "Next" again.
  • Then, under the Start repairs tab, click the Start button as shown in the image below.
    50e85bad2ae7c-WRAIO-e.png
  • A message will now appear asking you to create a restore point and a registry backup; click YES here.
    50e85c00267cc-WRAIO-f.png
  • After this the following screen appears.
    50e85c55e8459-WRAIO-g.png
  • Do nothing else on the computer now; let the program do its work.
  • When the screen above has closed, press Start once more.
  • By default all items are now checked; leave them that way and click the start button, as you can see in the image below.
    50e85d4231b8f-WRAIO-h.png
  • Now let the program do its work and do nothing else on the system; all kinds of CMD windows will appear, so never close them.
  • In the red frame in the image below you can see the tool's progress.
    50e85f3bd67d4-WRAIO-i.png
  • If it looks as though the tool is no longer doing anything, still leave the system alone and wait until the next screen appears.
  • When a following screen asks for it, click "YES".
    50e862186134e-WRAIO-j.png
  • The computer will now restart by itself after 30 seconds.
 
Abraham, I have gone through the steps.

37 errors were fixed, but at some point I did see a number of messages go by saying that the file or folder was not accessible...

Is there anything else I need to do, or can I start cleaning everything up, and if so, how?

N.B. When I clicked Windows Update just to be sure, there was a red cross with the message that updates had not yet been carried out. I am letting it search for a while.

---------- Post added at 19:11 ---------- Previous post was at 18:54 ----------

Updates again. I no longer see any of the updates I ever installed. Two updates for Microsoft Essentials were shown, but apart from Windows Live Mail I don't have that. What should I do now? In other words, when I let Windows search for updates, not a single (previously installed) update is found. The green label does appear saying that no updates were found (apart from the 2 I just mentioned).
 
Download Farbar Service Scanner.
Make sure the tool is then placed on the desktop.

Using "Farbar Service Scanner":
  • First close all program windows that are still open!
    • Windows 2000 and Windows XP: double-click "FSS.exe".
    • Windows Vista, Windows 7 and Windows 8: right-click "FSS.exe" and then choose Run as administrator.
  • Make sure the following items are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Now click the "Scan" button.
  • A log (FSS.txt) is then created in the same folder that contains "FSS.exe".
  • Copy and paste the contents of the log into your next post.
 
Abraham, this is the Farbar scan.

Farbar Service Scanner Version: 21-07-2014
Ran by HansG (administrator) on 25-07-2014 at 19:29:38
Running from "C:\Users\HansG\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

By the way, I also had a look at Windows Update via services.msc. To my surprise it said next to it: delayed start. Is that OK?
 