• De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Onvoldoende geheugen

Status
Niet open voor verdere reacties.
In jouw handleiding Process Explorer vond ik twee foutjes:

1. "Daartoe klik je in de menubalk op Select Columnes...". Eerst klikken op View (en Columns zonder 'e').
2. "Heb je het gecomprimeerde bestand uitgepakt, kan je de map Process Explorer het beste naar C:\Program Files (32 bit windows) of de map C:\Program Files (x86) (64-bit Windows) kopiren.". 32-bits en 64-bits moet andersom.

Tot mijn grote verbazing staan er sinds een half uur opeens twee Firefoxen in het Taakbeheer, dus ook in Process Explorer. Dat heb ik bij mijn weten nooit eerder gezien.

58bed1d1644ca-Firefox.png
 
Heb jij behalve de 64-bit versie van Firefox mogelijk ook nog de 32-bits versie van Mozilla Firefox in Program Files (x86) staan?

Overigens gebruikt jouw Vos in jouw voorbeeld een kwart van het geheugen in vergelijking met mijn voorbeeld.
Overigens: ik heb net een drie kwartier geleden mijn Firefox kunnen updaten naar de versie 52.
 
De 32-bits versie is sinds lange tijd geheel weg. Alleen de Maintenance Service blijkt nog 32-bits te zijn. Ik zal eens kijken of ik ook kan updaten.

Wat het geheugenverbruik betreft: het gaat hier wel om slechts n van de twee Firefoxen.

--- Update ---

Sinds de update van Firefox is deze plotseling onbruikbaar geworden. Geheel rode pagina.

--- Update ---

Boosdoener achterhaald via Veilige Modus: de addon 360 Internet Protection.
 
Even aannemende dat je Firefox bedoelt: de addon '360 Internet Protection' heb ik (tijdelijk?) verwijderd en nu werkt Firefox weer normaal.
 
Ik zit nu met mij oude Dell M6400 met daarin Windows Enterprise LTSBe en heb Firefox geupdated naar versie 52.
Qihoo 360 Essentials gebruik ik hierin en ik trachtte middels instellingen de add-on van Qihoo in Firefox te zetten.
Maar die knop is gedeaktiveerd - mogelijk dat er binnenkort dus een update ervoor komt.

Krijg je nog steeds die rare melding?
Wat geeft Windows Taakbeheer bij jou aan wat betreft het aantal processen en hoeveel werkgeheugen er wordt gebruikt?
 
De melding over onvoldoende geheugen is vandaag nog niet gekomen.

Het aantal processen staat momenteel op 61 (is vaak 70 of daaromtrent). Geheugenverbruik 61%; dat vind ik in de huidige situatie wel veel, want er staat weinig speciaals open.

De addon 360 Internet Protection zie ik nog gewoon in het aanbod staan en ik heb hem vanavond nog als test geherinstalleerd (zonder verbetering in de situatie). Zie de afbeelding hieronder.

58bf29ffab533-360.PNG
 
Ik heb die melding nog niet gekregen van Qihoo.


Download
51e2903039553-TDSSKiller_Resized.png
TDSSKiller en (ver)plaats de download naar/op het bureaublad.

  • Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).
  • Als er door TDSSkiller een update wordt gevonden klikt u op de knop "Load update"
  • Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.
  • Start nu TDSSkiller opnieuw.
  • Klik in het licentiescherm op "Accept" om door te gaan.
  • Vervolgens krijgt u het scherm te zien van het "Kaspersky Security Network Statement" klik hier eveneens op "Accep".
  • Klik op "Change parameters" en zorg dat de onderstaande opties allemaal aangevinkt zijn.

    5247f2ef6060f-TDSSKiller-parameters.jpg

  • Klik op de knop "Start Scan" en volg de instructies.

  • Gebruik nooit de "Delete" of "Quarantaine" optie bij een "Fail signature" melding.
  • Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 
Binnen Qihu zelf is de Browseruntersttzung inderdaad grijs. Dat was mij ook opgevallen. Maar ik vond de addon wel binnen de Mozilla-winkel.

De TDSSKiller vond gelukkig ook weer niets.

11:23:12.0476 0x13c0 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
11:23:19.0266 0x13c0 ============================================================
11:23:19.0266 0x13c0 Current date / time: 2017/03/08 11:23:19.0266
11:23:19.0266 0x13c0 SystemInfo:
11:23:19.0266 0x13c0
11:23:19.0266 0x13c0 OS Version: 6.1.7601 ServicePack: 1.0
11:23:19.0266 0x13c0 Product type: Workstation
11:23:19.0266 0x13c0 ComputerName: LON-PC
11:23:19.0267 0x13c0 UserName: Lon
11:23:19.0267 0x13c0 Windows directory: C:\Windows
11:23:19.0267 0x13c0 System windows directory: C:\Windows
11:23:19.0267 0x13c0 Running under WOW64
11:23:19.0267 0x13c0 Processor architecture: Intel x64
11:23:19.0267 0x13c0 Number of processors: 2
11:23:19.0267 0x13c0 Page size: 0x1000
11:23:19.0267 0x13c0 Boot type: Normal boot
11:23:19.0267 0x13c0 CodeIntegrityOptions = 0x00000001
11:23:19.0267 0x13c0 ============================================================
11:23:20.0007 0x13c0 KLMD registered as C:\Windows\system32\drivers\74826951.sys
11:23:20.0007 0x13c0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:23:21.0100 0x13c0 System UUID: {94300A90-FBA2-A247-C8B9-CC31F9310CE6}
11:23:22.0434 0x13c0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:23:22.0441 0x13c0 Drive \Device\Harddisk1\DR1 - Size: 0x1E9D3AE00 ( 7.65 Gb ), SectorSize: 0x200, Cylinders: 0x3E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:23:22.0446 0x13c0 ============================================================
11:23:22.0446 0x13c0 \Device\Harddisk0\DR0:
11:23:22.0446 0x13c0 MBR partitions:
11:23:22.0446 0x13c0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353030
11:23:22.0446 0x13c0 \Device\Harddisk1\DR1:
11:23:22.0447 0x13c0 MBR partitions:
11:23:22.0447 0x13c0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3E, BlocksNum 0xF4DC2E
11:23:22.0447 0x13c0 ============================================================
11:23:23.0219 0x13c0 C: <-> \Device\Harddisk0\DR0\Partition1
11:23:23.0219 0x13c0 ============================================================
11:23:23.0219 0x13c0 Initialize success
11:23:23.0219 0x13c0 ============================================================
11:24:01.0252 0x12c8 ============================================================
11:24:01.0252 0x12c8 Scan started
11:24:01.0252 0x12c8 Mode: Manual; SigCheck; TDLFS;
11:24:01.0252 0x12c8 ============================================================
11:24:01.0252 0x12c8 KSN ping started
11:24:01.0662 0x12c8 KSN ping finished: true
11:24:03.0981 0x12c8 ================ Scan system memory ========================
11:24:03.0981 0x12c8 System memory - ok
11:24:03.0982 0x12c8 ================ Scan services =============================
11:24:04.0238 0x12c8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:24:04.0478 0x12c8 1394ohci - ok
11:24:04.0547 0x12c8 [ 9CC33FFF3AA4725CC3EE1ABDBDAA4CBC, 3251C8F78BA649E2A6D64422FDC9A0BC865406C36A2823BDCB453EFE86D2196B ] 360AntiHacker C:\Windows\system32\Drivers\360AntiHacker64.sys
11:24:04.0638 0x12c8 360AntiHacker - ok
11:24:04.0734 0x12c8 [ 06DC8E24D1846A26FFE978A51B73BBA0, 0E85F557649FEBEAD33FD49F2DA2917C694A40A5290A09EBE1C71D24C9572AD0 ] 360AvFlt C:\Windows\system32\DRIVERS\360AvFlt.sys
11:24:04.0771 0x12c8 360AvFlt - ok
11:24:04.0858 0x12c8 [ 03882DAC88F6C1CAD9101A9FC426B3EF, CF05279183D2510BE9D10673AE40177706F2A67B7C9F5E2A3105F920BE09AA6E ] 360Box64 C:\Windows\system32\DRIVERS\360Box64.sys
11:24:04.0915 0x12c8 360Box64 - ok
11:24:04.0986 0x12c8 [ D31541708A595BCA380105D44C2C2AD5, 730351AAB90D627BDA6E73035869AE314508933160035DDE38F1CB4665B81498 ] 360Camera C:\Windows\system32\Drivers\360Camera64.sys
11:24:05.0021 0x12c8 360Camera - ok
11:24:05.0147 0x12c8 [ A83EC46BA2414BC4150D3151DFCF7955, 3E6EBC1B60F82991A0A4D5563FDEB35D1B2D80F7BB7C613366BBDC0D91987096 ] 360FsFlt C:\Windows\system32\DRIVERS\360FsFlt.sys
11:24:05.0242 0x12c8 360FsFlt - ok
11:24:05.0319 0x12c8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:24:05.0393 0x12c8 ACPI - ok
11:24:05.0471 0x12c8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:24:05.0599 0x12c8 AcpiPmi - ok
11:24:05.0665 0x12c8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:24:05.0729 0x12c8 adp94xx - ok
11:24:05.0875 0x12c8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:24:05.0966 0x12c8 adpahci - ok
11:24:06.0018 0x12c8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:24:06.0068 0x12c8 adpu320 - ok
11:24:06.0112 0x12c8 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:24:06.0199 0x12c8 AeLookupSvc - ok
11:24:06.0331 0x12c8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
11:24:06.0447 0x12c8 AFD - ok
11:24:06.0505 0x12c8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
11:24:06.0542 0x12c8 agp440 - ok
11:24:06.0609 0x12c8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
11:24:06.0703 0x12c8 ALG - ok
11:24:06.0759 0x12c8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
11:24:06.0797 0x12c8 aliide - ok
11:24:06.0879 0x12c8 [ FF779F9DE1CDF477033858B7681CEDA8, F190057C680F41BEF49FA7BE26A5827C124EC0BFE19D3E21ED93A3287E732D99 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:24:06.0975 0x12c8 AMD External Events Utility - ok
11:24:06.0995 0x12c8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
11:24:07.0026 0x12c8 amdide - ok
11:24:07.0079 0x12c8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:24:07.0140 0x12c8 AmdK8 - ok
11:24:07.0630 0x12c8 [ EF2B99DCEE397B45F50594696D7B5339, 568BD4AFD14C32A1602AE98D00A6C05372C0AE48D17CBC9257272A57F72E69D4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:24:08.0225 0x12c8 amdkmdag - ok
11:24:08.0275 0x12c8 [ 239DCE60BEE6E1576C803948AB4D54C5, BC346ACD57E9BDBBC4C659B1C9CB4D696A42B2AB3DBC387A169C89D11D15A673 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
11:24:08.0356 0x12c8 amdkmdap - ok
11:24:08.0413 0x12c8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:24:08.0486 0x12c8 AmdPPM - ok
11:24:08.0548 0x12c8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:24:08.0590 0x12c8 amdsata - ok
11:24:08.0668 0x12c8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:24:08.0731 0x12c8 amdsbs - ok
11:24:08.0756 0x12c8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:24:08.0816 0x12c8 amdxata - ok
11:24:08.0875 0x12c8 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\Windows\system32\drivers\appid.sys
11:24:08.0944 0x12c8 AppID - ok
11:24:09.0019 0x12c8 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:24:09.0116 0x12c8 AppIDSvc - ok
11:24:09.0171 0x12c8 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
11:24:09.0236 0x12c8 Appinfo - ok
11:24:09.0323 0x12c8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
11:24:09.0635 0x12c8 arc - ok
11:24:09.0770 0x12c8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:24:09.0809 0x12c8 arcsas - ok
11:24:11.0071 0x12c8 [ D8B152937AADE344D0915771AC91C947, 71AC507091DE9363A34F43C82E462DDB952635D24B808B976244D977B9B0AC1C ] Ashampoo Defrag Service C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe
11:24:11.0382 0x12c8 Ashampoo Defrag Service - ok
11:24:11.0770 0x12c8 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:24:11.0839 0x12c8 aspnet_state - ok
11:24:11.0999 0x12c8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:24:13.0314 0x12c8 AsyncMac - ok
11:24:13.0375 0x12c8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
11:24:13.0405 0x12c8 atapi - ok
11:24:13.0593 0x12c8 [ 08BAAA2432E81031A6C3B11AD5A67E2B, BB909746B0FBC731BA7D64E9332FF367C8D37E7053B304F0FC08B270D3683D57 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:24:13.0878 0x12c8 athr - ok
11:24:14.0036 0x12c8 [ F9DB31BC5CD3700D37DB136BA56E5E9D, 9AB7421975500EE7FE583CCF86914F94E697606A9199DC4F27D5609554C5D3F7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
11:24:14.0113 0x12c8 AtiHDAudioService - ok
11:24:14.0199 0x12c8 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:24:14.0342 0x12c8 AudioEndpointBuilder - ok
11:24:14.0386 0x12c8 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:24:14.0467 0x12c8 AudioSrv - ok
11:24:14.0536 0x12c8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:24:14.0685 0x12c8 AxInstSV - ok
11:24:14.0779 0x12c8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:24:14.0889 0x12c8 b06bdrv - ok
11:24:14.0967 0x12c8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:24:15.0053 0x12c8 b57nd60a - ok
11:24:15.0115 0x12c8 [ 6BEEB92A07D1C2D4128D52752C34601A, 6D653145DF30D5A90F6FBC0A8750A29723EEB00B306F85ABB07BFDA11CF42789 ] BAPIDRV C:\Windows\system32\DRIVERS\BAPIDRV64.sys
11:24:15.0158 0x12c8 BAPIDRV - ok
11:24:15.0220 0x12c8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
11:24:15.0277 0x12c8 BDESVC - ok
11:24:15.0461 0x12c8 [ ECD29F7E7C87A309D654A6E2B59C45AC, B1108E5C050181BCF1ED7C45F8ABFCF192EE858B872C5DA728356E00F572A732 ] becwssvr C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwssvr.exe
11:24:15.0647 0x12c8 becwssvr - ok
11:24:15.0705 0x12c8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
11:24:15.0831 0x12c8 Beep - ok
11:24:15.0947 0x12c8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
11:24:16.0103 0x12c8 BFE - ok
11:24:16.0196 0x12c8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
11:24:16.0616 0x12c8 BITS - ok
11:24:16.0690 0x12c8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:24:16.0754 0x12c8 blbdrive - ok
11:24:16.0810 0x12c8 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:24:16.0911 0x12c8 bowser - ok
11:24:16.0959 0x12c8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:24:17.0024 0x12c8 BrFiltLo - ok
11:24:17.0056 0x12c8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:24:17.0125 0x12c8 BrFiltUp - ok
11:24:17.0200 0x12c8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
11:24:17.0281 0x12c8 Browser - ok
11:24:17.0340 0x12c8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:24:17.0442 0x12c8 Brserid - ok
11:24:17.0463 0x12c8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:24:17.0514 0x12c8 BrSerWdm - ok
11:24:17.0545 0x12c8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:24:17.0607 0x12c8 BrUsbMdm - ok
11:24:17.0634 0x12c8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:24:17.0687 0x12c8 BrUsbSer - ok
11:24:17.0720 0x12c8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:24:17.0771 0x12c8 BTHMODEM - ok
11:24:17.0816 0x12c8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
11:24:17.0942 0x12c8 bthserv - ok
11:24:17.0982 0x12c8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:24:18.0108 0x12c8 cdfs - ok
11:24:18.0146 0x12c8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:24:18.0210 0x12c8 cdrom - ok
11:24:18.0269 0x12c8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
11:24:18.0384 0x12c8 CertPropSvc - ok
11:24:18.0414 0x12c8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
11:24:18.0473 0x12c8 circlass - ok
11:24:18.0564 0x12c8 [ FF60401F1C659CA2ED4BAE85D3FD14DA, 71EEA0078E1545A2F80B0020BE7113843B713DE1A5CC20D9810BD9F3889A4DB0 ] CISVC C:\Windows\system32\CISVC.EXE
11:24:18.0633 0x12c8 CISVC - ok
11:24:18.0687 0x12c8 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
11:24:18.0759 0x12c8 CLFS - ok
11:24:18.0830 0x12c8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:24:18.0873 0x12c8 clr_optimization_v2.0.50727_32 - ok
11:24:18.0928 0x12c8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:24:18.0969 0x12c8 clr_optimization_v2.0.50727_64 - ok
11:24:19.0083 0x12c8 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:24:19.0165 0x12c8 clr_optimization_v4.0.30319_32 - ok
11:24:19.0218 0x12c8 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:24:19.0307 0x12c8 clr_optimization_v4.0.30319_64 - ok
11:24:19.0371 0x12c8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:24:19.0427 0x12c8 CmBatt - ok
11:24:19.0472 0x12c8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:24:19.0505 0x12c8 cmdide - ok
11:24:19.0622 0x12c8 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
11:24:19.0737 0x12c8 CNG - ok
11:24:19.0816 0x12c8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:24:19.0854 0x12c8 Compbatt - ok
11:24:19.0901 0x12c8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:24:19.0945 0x12c8 CompositeBus - ok
11:24:19.0961 0x12c8 COMSysApp - ok
11:24:20.0035 0x12c8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:24:20.0066 0x12c8 crcdisk - ok
11:24:20.0121 0x12c8 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:24:20.0191 0x12c8 CryptSvc - ok
11:24:20.0315 0x12c8 [ A5BEA0E5C297F5F3835638A87E512FBA, D9C31AE8661CD8AC87E5F28AFE4126C62B5D4AEB96610C9A2F49CEB288AF673A ] CTDevice_Srv C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
11:24:20.0346 0x12c8 CTDevice_Srv - detected UnsignedFile.Multi.Generic ( 1 )
11:24:20.0707 0x12c8 Detect skipped due to KSN trusted
11:24:20.0708 0x12c8 CTDevice_Srv - ok
11:24:20.0793 0x12c8 [ 8E26D772F53B7883A651E0E4A9598F21, 69A94B643038B874C69998A8BA5C45E04E034D0FF9C21D131BCDA02125BAEE5F ] CTUPnPSv C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
11:24:20.0839 0x12c8 CTUPnPSv - detected UnsignedFile.Multi.Generic ( 1 )
11:24:21.0186 0x12c8 Detect skipped due to KSN trusted
11:24:21.0186 0x12c8 CTUPnPSv - ok
11:24:21.0406 0x12c8 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:24:21.0517 0x12c8 cvhsvc - ok
11:24:21.0631 0x12c8 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
11:24:21.0756 0x12c8 DcomLaunch - ok
11:24:21.0813 0x12c8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
11:24:21.0962 0x12c8 defragsvc - ok
11:24:22.0015 0x12c8 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:24:22.0075 0x12c8 DfsC - ok
11:24:22.0147 0x12c8 [ 51D50A9A72C18E4629891BF381D123BA, 3C9156F4430A677ACF8F79A648E8FAA668F4A8B58E202B4898CE95396F5A5820 ] DFX11_1 C:\Windows\system32\drivers\dfx11_1x64.sys
11:24:22.0176 0x12c8 DFX11_1 - ok
11:24:22.0249 0x12c8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:24:22.0373 0x12c8 Dhcp - ok
11:24:22.0537 0x12c8 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
11:24:22.0792 0x12c8 DiagTrack - ok
11:24:22.0853 0x12c8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
11:24:22.0970 0x12c8 discache - ok
11:24:23.0024 0x12c8 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
11:24:23.0091 0x12c8 Disk - ok
11:24:23.0159 0x12c8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:24:23.0240 0x12c8 Dnscache - ok
11:24:23.0296 0x12c8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
11:24:23.0464 0x12c8 dot3svc - ok
11:24:23.0671 0x12c8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
11:24:23.0825 0x12c8 DPS - ok
11:24:23.0916 0x12c8 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:24:23.0972 0x12c8 drmkaud - ok
11:24:24.0093 0x12c8 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:24:24.0225 0x12c8 DXGKrnl - ok
11:24:24.0415 0x12c8 [ A0D5450B3D4689DCE4CBBC8268141C37, 86674139314058AB8D8B12BED193828C006329CBA70FA5469E5D39526867B346 ] e.dentifier2 C:\Windows\system32\DRIVERS\aabed2.sys
11:24:24.0585 0x12c8 e.dentifier2 - ok
11:24:24.0652 0x12c8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
11:24:24.0817 0x12c8 EapHost - ok
11:24:25.0647 0x12c8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:24:26.0043 0x12c8 ebdrv - ok
11:24:26.0089 0x12c8 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS C:\Windows\System32\lsass.exe
11:24:26.0193 0x12c8 EFS - ok
11:24:26.0327 0x12c8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:24:26.0469 0x12c8 ehRecvr - ok
11:24:26.0517 0x12c8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
11:24:26.0604 0x12c8 ehSched - ok
11:24:26.0675 0x12c8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:24:26.0760 0x12c8 elxstor - ok
11:24:26.0786 0x12c8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:24:26.0847 0x12c8 ErrDev - ok
11:24:26.0915 0x12c8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
11:24:27.0055 0x12c8 EventSystem - ok
11:24:27.0108 0x12c8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
11:24:27.0245 0x12c8 exfat - ok
11:24:27.0297 0x12c8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:24:27.0440 0x12c8 fastfat - ok
11:24:27.0472 0x12c8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
11:24:27.0530 0x12c8 fdc - ok
11:24:27.0619 0x12c8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
11:24:27.0745 0x12c8 fdPHost - ok
11:24:27.0767 0x12c8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
11:24:27.0892 0x12c8 FDResPub - ok
11:24:27.0933 0x12c8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:24:27.0969 0x12c8 FileInfo - ok
11:24:27.0992 0x12c8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:24:28.0115 0x12c8 Filetrace - ok
11:24:28.0149 0x12c8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:24:28.0252 0x12c8 flpydisk - ok
11:24:28.0287 0x12c8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:24:28.0337 0x12c8 FltMgr - ok
11:24:28.0465 0x12c8 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
11:24:28.0629 0x12c8 FontCache - ok
11:24:28.0726 0x12c8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:24:28.0752 0x12c8 FontCache3.0.0.0 - ok
11:24:28.0787 0x12c8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:24:28.0815 0x12c8 FsDepends - ok
11:24:28.0850 0x12c8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:24:28.0882 0x12c8 Fs_Rec - ok
11:24:28.0947 0x12c8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:24:29.0001 0x12c8 fvevol - ok
11:24:29.0022 0x12c8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:24:29.0058 0x12c8 gagp30kx - ok
11:24:29.0129 0x12c8 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
11:24:29.0265 0x12c8 gpsvc - ok
11:24:29.0291 0x12c8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:24:29.0358 0x12c8 hcw85cir - ok
11:24:29.0448 0x12c8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:24:29.0558 0x12c8 HdAudAddService - ok
11:24:29.0579 0x12c8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:24:29.0659 0x12c8 HDAudBus - ok
11:24:29.0717 0x12c8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:24:29.0743 0x12c8 HECIx64 - ok
11:24:29.0822 0x12c8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:24:29.0926 0x12c8 HidBatt - ok
11:24:29.0987 0x12c8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:24:30.0080 0x12c8 HidBth - ok
11:24:30.0103 0x12c8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
11:24:30.0170 0x12c8 HidIr - ok
11:24:30.0210 0x12c8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
11:24:30.0327 0x12c8 hidserv - ok
11:24:30.0378 0x12c8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
11:24:30.0453 0x12c8 HidUsb - ok
11:24:30.0494 0x12c8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:24:30.0632 0x12c8 hkmsvc - ok
11:24:30.0723 0x12c8 [ 3E85697EF2BF6D447C5CA2C8E4D15BB0, 583B82C66DD501E6A1F14E35F5F87C25D78BD78F1188A8BE3CB789FA99CCC45A ] hmpalert C:\Windows\system32\drivers\hmpalert.sys
11:24:30.0782 0x12c8 hmpalert - ok
11:24:31.0258 0x12c8 [ ADB038237CC1B7B5B7E7B12695B39CA4, D4F3B9593BE74983AE195168C2163E793FEDB746698612A902AC24D7C65D329F ] hmpalertsvc C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
11:24:31.0609 0x12c8 hmpalertsvc - ok
11:24:31.0705 0x12c8 [ 501F58C6611C4373852C735DFCB2D75D, BDF41CA4933163745FCA86B876BA932BE284E4478BEC5D3949F5D02C2B38AC05 ] hmpnet C:\Windows\system32\drivers\hmpnet.sys
11:24:31.0749 0x12c8 hmpnet - ok
11:24:31.0813 0x12c8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:24:31.0882 0x12c8 HomeGroupListener - ok
11:24:31.0934 0x12c8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:24:32.0047 0x12c8 HomeGroupProvider - ok
11:24:32.0134 0x12c8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:24:32.0165 0x12c8 HpSAMD - ok
11:24:32.0270 0x12c8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:24:32.0442 0x12c8 HTTP - ok
11:24:32.0810 0x12c8 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
11:24:32.0846 0x12c8 HWiNFO32 - ok
11:24:32.0884 0x12c8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:24:32.0917 0x12c8 hwpolicy - ok
11:24:32.0930 0x12c8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:24:32.0976 0x12c8 i8042prt - ok
11:24:33.0053 0x12c8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:24:33.0126 0x12c8 iaStorV - ok
11:24:33.0243 0x12c8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:24:33.0356 0x12c8 idsvc - ok
11:24:33.0385 0x12c8 IEEtwCollectorService - ok
11:24:33.0424 0x12c8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:24:33.0455 0x12c8 iirsp - ok
11:24:33.0554 0x12c8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
11:24:33.0687 0x12c8 IKEEXT - ok
11:24:34.0089 0x12c8 [ 00D0BAD638E321E12A0A1F0D0CFF96B6, 5A315284FE9393E11057FB036EB3120E4151212EB5595C1F079D622408F92E81 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:24:34.0592 0x12c8 IntcAzAudAddService - ok
11:24:34.0655 0x12c8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
11:24:34.0689 0x12c8 intelide - ok
11:24:34.0755 0x12c8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:24:34.0841 0x12c8 intelppm - ok
11:24:34.0926 0x12c8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:24:35.0079 0x12c8 IPBusEnum - ok
11:24:35.0127 0x12c8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:24:35.0238 0x12c8 IpFilterDriver - ok
11:24:35.0315 0x12c8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:24:35.0473 0x12c8 iphlpsvc - ok
11:24:35.0531 0x12c8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:24:35.0574 0x12c8 IPMIDRV - ok
11:24:35.0612 0x12c8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:24:35.0766 0x12c8 IPNAT - ok
11:24:35.0823 0x12c8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:24:35.0876 0x12c8 IRENUM - ok
11:24:35.0913 0x12c8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:24:35.0946 0x12c8 isapnp - ok
11:24:36.0015 0x12c8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:24:36.0072 0x12c8 iScsiPrt - ok
11:24:36.0138 0x12c8 [ D51DECFEE26EEB855D065A2B87713BC6, 78C2B3D6FD73CF3A4DE465EEB4E3522828B45D58286A95FA980F4DC96F275A5D ] k57nd C:\Windows\system32\DRIVERS\k57amd64.sys
11:24:36.0202 0x12c8 k57nd - ok
11:24:36.0304 0x12c8 [ 779010324CCB6B974C4D737DDAABB2D5, 3D8591069D02F0888517C54A4C52E3174771EE86D3DA272C14FCE1B27DCB8613 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
11:24:36.0376 0x12c8 k57nd60a - ok
11:24:36.0433 0x12c8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:24:36.0470 0x12c8 kbdclass - ok
11:24:36.0501 0x12c8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:24:36.0570 0x12c8 kbdhid - ok
11:24:36.0694 0x12c8 [ 8799983720576D5DE3214C1AF14C67BD, A3FC975762F6D754C18A1C2C37D84F70247BE0ED1C6E99671B04A48DAC75ABEB ] keycrypt C:\Windows\system32\DRIVERS\KeyCrypt64.sys
11:24:36.0733 0x12c8 keycrypt - ok
11:24:36.0767 0x12c8 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso C:\Windows\system32\lsass.exe
11:24:36.0807 0x12c8 KeyIso - ok
11:24:36.0851 0x12c8 [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:24:36.0889 0x12c8 KSecDD - ok
11:24:36.0914 0x12c8 [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:24:36.0956 0x12c8 KSecPkg - ok
11:24:37.0012 0x12c8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:24:37.0118 0x12c8 ksthunk - ok
11:24:37.0173 0x12c8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
11:24:37.0315 0x12c8 KtmRm - ok
11:24:37.0392 0x12c8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:24:37.0516 0x12c8 LanmanServer - ok
11:24:37.0573 0x12c8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:24:37.0711 0x12c8 LanmanWorkstation - ok
11:24:37.0761 0x12c8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:24:37.0941 0x12c8 lltdio - ok
11:24:38.0027 0x12c8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:24:38.0158 0x12c8 lltdsvc - ok
11:24:38.0174 0x12c8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:24:38.0291 0x12c8 lmhosts - ok
11:24:38.0363 0x12c8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:24:38.0399 0x12c8 LSI_FC - ok
11:24:38.0431 0x12c8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:24:38.0468 0x12c8 LSI_SAS - ok
11:24:38.0535 0x12c8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:24:38.0568 0x12c8 LSI_SAS2 - ok
11:24:38.0588 0x12c8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:24:38.0624 0x12c8 LSI_SCSI - ok
11:24:38.0654 0x12c8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
11:24:38.0783 0x12c8 luafv - ok
11:24:39.0191 0x12c8 [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
11:24:39.0602 0x12c8 MBAMService - ok
11:24:39.0696 0x12c8 [ F8E8B0977741F114407494174522B71A, 6A3FE40D4649D89ABED007FFF13C38F021284265EC692C6190FF0EF8BDECF99C ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:24:39.0748 0x12c8 MBAMSwissArmy - ok
11:24:39.0786 0x12c8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:24:39.0832 0x12c8 Mcx2Svc - ok
11:24:39.0925 0x12c8 [ 39DFF42E57C53A58C162F4760A75EA84, 16B58900FCB8C542BEE82A90B679DA513A1E11532451F29F62D08C218FC0B341 ] MDA_NTDRV C:\Windows\system32\MDA_NTDRV.sys
11:24:40.0027 0x12c8 MDA_NTDRV - ok
11:24:40.0093 0x12c8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
11:24:40.0125 0x12c8 megasas - ok
11:24:40.0178 0x12c8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:24:40.0232 0x12c8 MegaSR - ok
11:24:40.0275 0x12c8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
11:24:40.0441 0x12c8 MMCSS - ok
11:24:40.0486 0x12c8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
11:24:40.0567 0x12c8 Modem - ok
11:24:40.0595 0x12c8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:24:40.0656 0x12c8 monitor - ok
11:24:40.0677 0x12c8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:24:40.0713 0x12c8 mouclass - ok
11:24:40.0755 0x12c8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys
11:24:40.0797 0x12c8 mouhid - ok
11:24:40.0854 0x12c8 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:24:40.0893 0x12c8 mountmgr - ok
11:24:40.0982 0x12c8 [ 3F3D10A165EC7E9B8298DD308512452D, 565AE2B47543446B41455400B4C8FBCC202E584436921BE332FC01D4080BA17A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:24:41.0027 0x12c8 MozillaMaintenance - ok
11:24:41.0070 0x12c8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
11:24:41.0114 0x12c8 mpio - ok
11:24:41.0143 0x12c8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:24:41.0252 0x12c8 mpsdrv - ok
11:24:41.0340 0x12c8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:24:41.0536 0x12c8 MpsSvc - ok
11:24:41.0592 0x12c8 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:24:41.0696 0x12c8 MRxDAV - ok
11:24:41.0737 0x12c8 [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:24:41.0800 0x12c8 mrxsmb - ok
11:24:41.0852 0x12c8 [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:24:41.0925 0x12c8 mrxsmb10 - ok
11:24:41.0952 0x12c8 [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:24:41.0995 0x12c8 mrxsmb20 - ok
11:24:42.0030 0x12c8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
11:24:42.0060 0x12c8 msahci - ok
11:24:42.0107 0x12c8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:24:42.0144 0x12c8 msdsm - ok
11:24:42.0169 0x12c8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
11:24:42.0232 0x12c8 MSDTC - ok
11:24:42.0263 0x12c8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:24:42.0385 0x12c8 Msfs - ok
11:24:42.0434 0x12c8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:24:42.0557 0x12c8 mshidkmdf - ok
11:24:42.0589 0x12c8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:24:42.0623 0x12c8 msisadrv - ok
11:24:42.0681 0x12c8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:24:42.0814 0x12c8 MSiSCSI - ok
11:24:42.0829 0x12c8 msiserver - ok
11:24:42.0874 0x12c8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:24:42.0978 0x12c8 MSKSSRV - ok
11:24:43.0017 0x12c8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:24:43.0145 0x12c8 MSPCLOCK - ok
11:24:43.0173 0x12c8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:24:43.0278 0x12c8 MSPQM - ok
11:24:43.0315 0x12c8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:24:43.0384 0x12c8 MsRPC - ok
11:24:43.0400 0x12c8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:24:43.0432 0x12c8 mssmbios - ok
11:24:43.0472 0x12c8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:24:43.0588 0x12c8 MSTEE - ok
11:24:43.0615 0x12c8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:24:43.0666 0x12c8 MTConfig - ok
11:24:43.0714 0x12c8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
11:24:43.0747 0x12c8 Mup - ok
11:24:43.0806 0x12c8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
11:24:43.0947 0x12c8 napagent - ok
11:24:44.0013 0x12c8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:24:44.0102 0x12c8 NativeWifiP - ok
11:24:44.0213 0x12c8 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:24:44.0325 0x12c8 NDIS - ok
11:24:44.0370 0x12c8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:24:44.0478 0x12c8 NdisCap - ok
11:24:44.0547 0x12c8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:24:44.0672 0x12c8 NdisTapi - ok
11:24:44.0708 0x12c8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:24:44.0826 0x12c8 Ndisuio - ok
11:24:44.0851 0x12c8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:24:44.0973 0x12c8 NdisWan - ok
11:24:44.0989 0x12c8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:24:45.0082 0x12c8 NDProxy - ok
11:24:45.0107 0x12c8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:24:45.0216 0x12c8 NetBIOS - ok
11:24:45.0276 0x12c8 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:24:45.0367 0x12c8 NetBT - ok
11:24:45.0400 0x12c8 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon C:\Windows\system32\lsass.exe
11:24:45.0434 0x12c8 Netlogon - ok
11:24:45.0502 0x12c8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
11:24:45.0693 0x12c8 Netman - ok
11:24:45.0770 0x12c8 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:24:45.0830 0x12c8 NetMsmqActivator - ok
11:24:45.0846 0x12c8 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:24:45.0891 0x12c8 NetPipeActivator - ok
11:24:45.0957 0x12c8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
11:24:46.0116 0x12c8 netprofm - ok
11:24:46.0145 0x12c8 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:24:46.0190 0x12c8 NetTcpActivator - ok
11:24:46.0203 0x12c8 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:24:46.0249 0x12c8 NetTcpPortSharing - ok
11:24:46.0329 0x12c8 [ 94C08DF0F07C509D99FEA7CFC486C335, 0AAE40D7B5D57AED2A897161601A08123E64088033B03527DC1BA2B55E7A4E9A ] NetTimeSvc C:\Program Files (x86)\NetTime\NetTimeService.exe
11:24:46.0407 0x12c8 NetTimeSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:24:46.0759 0x12c8 Detect skipped due to KSN trusted
11:24:46.0759 0x12c8 NetTimeSvc - ok
11:24:46.0827 0x12c8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:24:46.0864 0x12c8 nfrd960 - ok
11:24:46.0932 0x12c8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
11:24:47.0048 0x12c8 NlaSvc - ok
11:24:47.0102 0x12c8 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf C:\Windows\system32\drivers\npf.sys
11:24:47.0131 0x12c8 npf - ok
11:24:47.0187 0x12c8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:24:47.0294 0x12c8 Npfs - ok
11:24:47.0351 0x12c8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
11:24:47.0466 0x12c8 nsi - ok
11:24:47.0479 0x12c8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:24:47.0602 0x12c8 nsiproxy - ok
11:24:47.0780 0x12c8 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:24:47.0964 0x12c8 Ntfs - ok
11:24:48.0007 0x12c8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
11:24:48.0115 0x12c8 Null - ok
11:24:48.0182 0x12c8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:24:48.0217 0x12c8 nvraid - ok
11:24:48.0256 0x12c8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:24:48.0291 0x12c8 nvstor - ok
11:24:48.0326 0x12c8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:24:48.0358 0x12c8 nv_agp - ok
11:24:48.0408 0x12c8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:24:48.0443 0x12c8 ohci1394 - ok
11:24:48.0587 0x12c8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:24:48.0625 0x12c8 ose - ok
11:24:48.0979 0x12c8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:24:49.0436 0x12c8 osppsvc - ok
11:24:49.0518 0x12c8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:24:49.0623 0x12c8 p2pimsvc - ok
11:24:49.0691 0x12c8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
11:24:49.0785 0x12c8 p2psvc - ok
11:24:49.0839 0x12c8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
11:24:49.0885 0x12c8 Parport - ok
11:24:49.0948 0x12c8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:24:49.0980 0x12c8 partmgr - ok
11:24:50.0037 0x12c8 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
11:24:50.0162 0x12c8 PcaSvc - ok
11:24:50.0233 0x12c8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
11:24:50.0278 0x12c8 pci - ok
11:24:50.0324 0x12c8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
11:24:50.0358 0x12c8 pciide - ok
11:24:50.0408 0x12c8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:24:50.0456 0x12c8 pcmcia - ok
11:24:50.0484 0x12c8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
11:24:50.0519 0x12c8 pcw - ok
11:24:50.0575 0x12c8 [ 0F21ECCF2287BB402FDBAE37050AD393, 704B5AF57CD250C6F3408E9E9046E6F71C9E5AFB952586C59B9FE3661D96B190 ] PCWinSoft C:\Windows\system32\DRIVERS\scrcamhrdrv_x64.sys
11:24:50.0629 0x12c8 PCWinSoft - ok
11:24:50.0693 0x12c8 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:24:50.0796 0x12c8 PEAUTH - ok
11:24:50.0911 0x12c8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:24:50.0968 0x12c8 PerfHost - ok
11:24:51.0123 0x12c8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
11:24:51.0330 0x12c8 pla - ok
11:24:51.0395 0x12c8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:24:51.0506 0x12c8 PlugPlay - ok
11:24:51.0611 0x12c8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:24:51.0743 0x12c8 PNRPAutoReg - ok
11:24:51.0931 0x12c8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:24:51.0992 0x12c8 PNRPsvc - ok
11:24:52.0070 0x12c8 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:24:52.0191 0x12c8 PolicyAgent - ok
11:24:52.0257 0x12c8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
11:24:52.0392 0x12c8 Power - ok
11:24:52.0435 0x12c8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:24:52.0554 0x12c8 PptpMiniport - ok
11:24:52.0588 0x12c8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
11:24:52.0647 0x12c8 Processor - ok
11:24:52.0705 0x12c8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
11:24:52.0783 0x12c8 ProfSvc - ok
11:24:52.0811 0x12c8 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
11:24:52.0858 0x12c8 ProtectedStorage - ok
11:24:52.0906 0x12c8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:24:53.0026 0x12c8 Psched - ok
11:24:53.0156 0x12c8 [ 2DC444DA17A1F4632631ED68A3C1F97D, 4A7F78841B0ACB122C47B6C5D391AE52FF618D2A69567078B567EB798B574FAB ] QHActiveDefense C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
11:24:53.0249 0x12c8 QHActiveDefense - ok
11:24:53.0391 0x12c8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:24:53.0572 0x12c8 ql2300 - ok
11:24:53.0634 0x12c8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:24:53.0674 0x12c8 ql40xx - ok
11:24:53.0734 0x12c8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
11:24:53.0811 0x12c8 QWAVE - ok
11:24:53.0851 0x12c8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:24:53.0931 0x12c8 QWAVEdrv - ok
11:24:53.0952 0x12c8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:24:54.0078 0x12c8 RasAcd - ok
11:24:54.0123 0x12c8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:24:54.0231 0x12c8 RasAgileVpn - ok
11:24:54.0280 0x12c8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
11:24:54.0403 0x12c8 RasAuto - ok
11:24:54.0454 0x12c8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:24:54.0594 0x12c8 Rasl2tp - ok
11:24:54.0640 0x12c8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
11:24:54.0767 0x12c8 RasMan - ok
11:24:54.0799 0x12c8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:24:54.0919 0x12c8 RasPppoe - ok
11:24:54.0933 0x12c8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:24:55.0101 0x12c8 RasSstp - ok
11:24:55.0137 0x12c8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:24:55.0261 0x12c8 rdbss - ok
11:24:55.0313 0x12c8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:24:55.0389 0x12c8 rdpbus - ok
11:24:55.0421 0x12c8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:24:55.0538 0x12c8 RDPCDD - ok
11:24:55.0633 0x12c8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:24:55.0742 0x12c8 RDPENCDD - ok
11:24:55.0800 0x12c8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:24:55.0911 0x12c8 RDPREFMP - ok
11:24:56.0032 0x12c8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:24:56.0095 0x12c8 RdpVideoMiniport - ok
11:24:56.0152 0x12c8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:24:56.0235 0x12c8 RDPWD - ok
11:24:56.0281 0x12c8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:24:56.0322 0x12c8 rdyboost - ok
11:24:56.0363 0x12c8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:24:56.0479 0x12c8 RemoteAccess - ok
11:24:56.0543 0x12c8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:24:56.0647 0x12c8 RemoteRegistry - ok
11:24:56.0668 0x12c8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:24:56.0795 0x12c8 RpcEptMapper - ok
11:24:56.0841 0x12c8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
11:24:56.0884 0x12c8 RpcLocator - ok
11:24:56.0952 0x12c8 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
11:24:57.0031 0x12c8 RpcSs - ok
11:24:57.0088 0x12c8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:24:57.0200 0x12c8 rspndr - ok
11:24:57.0223 0x12c8 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs C:\Windows\system32\lsass.exe
11:24:57.0262 0x12c8 SamSs - ok
11:24:57.0311 0x12c8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:24:57.0349 0x12c8 sbp2port - ok
11:24:57.0403 0x12c8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:24:57.0534 0x12c8 SCardSvr - ok
11:24:57.0585 0x12c8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:24:57.0705 0x12c8 scfilter - ok
11:24:57.0813 0x12c8 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
11:24:57.0962 0x12c8 Schedule - ok
11:24:58.0003 0x12c8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:24:58.0097 0x12c8 SCPolicySvc - ok
11:24:58.0145 0x12c8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:24:58.0229 0x12c8 SDRSVC - ok
11:24:58.0279 0x12c8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:24:58.0357 0x12c8 secdrv - ok
11:24:58.0402 0x12c8 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
11:24:58.0479 0x12c8 seclogon - ok
11:24:58.0547 0x12c8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
11:24:58.0679 0x12c8 SENS - ok
11:24:58.0724 0x12c8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:24:58.0809 0x12c8 SensrSvc - ok
11:24:58.0873 0x12c8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:24:58.0933 0x12c8 Serenum - ok
11:24:59.0016 0x12c8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
11:24:59.0093 0x12c8 Serial - ok
11:24:59.0163 0x12c8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:24:59.0204 0x12c8 sermouse - ok
11:24:59.0281 0x12c8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
11:24:59.0441 0x12c8 SessionEnv - ok
11:24:59.0485 0x12c8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:24:59.0562 0x12c8 sffdisk - ok
11:24:59.0589 0x12c8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:24:59.0639 0x12c8 sffp_mmc - ok
11:24:59.0708 0x12c8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:24:59.0750 0x12c8 sffp_sd - ok
11:24:59.0803 0x12c8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:24:59.0858 0x12c8 sfloppy - ok
11:25:00.0008 0x12c8 [ 9242988D74674C2819D454F001457BAD, D353A30D224940B0C7750161782CE98D4C47ABC5C4E04B100F8ABB6A3402B5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfswin7.sys
11:25:00.0135 0x12c8 Sftfs - ok
11:25:00.0234 0x12c8 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:25:00.0337 0x12c8 sftlist - ok
11:25:00.0374 0x12c8 [ 44391FA910901E2B8A2F831340FD707A, 9ACAD655DCCCAF562CEDE9180B187C229FFCAF97BA87D78225253C7868698CB8 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaywin7.sys
11:25:00.0427 0x12c8 Sftplay - ok
11:25:00.0468 0x12c8 [ 8654DBDC8ED8ED7257618D11B6C590BE, 1A410CCB7CDE99C607662E21054E959D3349647C5BD810CE744DA59EEB9C3FA2 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirwin7.sys
11:25:00.0498 0x12c8 Sftredir - ok
11:25:00.0530 0x12c8 [ 648F0152A7BAE175905C22E8BD839760, 6E3FC032212FD1F39FEE96D230F47BB25355587E8A73E34776CAEA8C0C1FB58E ] Sftvol C:\Windows\system32\DRIVERS\Sftvolwin7.sys
11:25:00.0559 0x12c8 Sftvol - ok
11:25:00.0797 0x12c8 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:25:00.0845 0x12c8 sftvsa - ok
11:25:00.0927 0x12c8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:25:01.0126 0x12c8 SharedAccess - ok
11:25:01.0229 0x12c8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:25:01.0434 0x12c8 ShellHWDetection - ok
11:25:01.0485 0x12c8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:25:01.0520 0x12c8 SiSRaid2 - ok
11:25:01.0558 0x12c8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:25:01.0596 0x12c8 SiSRaid4 - ok
11:25:01.0640 0x12c8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:25:01.0766 0x12c8 Smb - ok
11:25:01.0832 0x12c8 [ 8CAC3432AD7B3634A765B042AD2E3607, 4980EE619A1BADE2A555A583C5C4732E8C0A82504912AE088F649227A0D3ECC3 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
11:25:01.0861 0x12c8 SmbDrvI - ok
11:25:01.0913 0x12c8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:25:01.0971 0x12c8 SNMPTRAP - ok
11:25:01.0997 0x12c8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
11:25:02.0031 0x12c8 spldr - ok
11:25:02.0080 0x12c8 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
11:25:02.0232 0x12c8 Spooler - ok
11:25:02.0463 0x12c8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
11:25:02.0839 0x12c8 sppsvc - ok
11:25:02.0868 0x12c8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:25:03.0015 0x12c8 sppuinotify - ok
11:25:03.0106 0x12c8 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:25:03.0236 0x12c8 srv - ok
11:25:03.0320 0x12c8 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:25:03.0402 0x12c8 srv2 - ok
11:25:03.0452 0x12c8 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:25:03.0539 0x12c8 srvnet - ok
11:25:03.0628 0x12c8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:25:03.0764 0x12c8 SSDPSRV - ok
11:25:03.0803 0x12c8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:25:03.0936 0x12c8 SstpSvc - ok
11:25:03.0981 0x12c8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:25:04.0016 0x12c8 stexstor - ok
11:25:04.0114 0x12c8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
11:25:04.0233 0x12c8 stisvc - ok
11:25:04.0264 0x12c8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:25:04.0295 0x12c8 swenum - ok
11:25:04.0361 0x12c8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
11:25:04.0517 0x12c8 swprv - ok
11:25:04.0655 0x12c8 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
11:25:04.0853 0x12c8 SysMain - ok
11:25:04.0911 0x12c8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:25:04.0982 0x12c8 TabletInputService - ok
11:25:05.0037 0x12c8 [ FEB710154EDF9B2A15E863E262B5BEE1, F05126CBC5688AB48086DB85CD50A84150EAFFCA779B662E21F2E395BD0E5466 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
11:25:05.0069 0x12c8 tap0901 - ok
11:25:05.0112 0x12c8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
11:25:05.0262 0x12c8 TapiSrv - ok
11:25:05.0433 0x12c8 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:25:05.0624 0x12c8 Tcpip - ok
11:25:05.0782 0x12c8 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:25:05.0928 0x12c8 TCPIP6 - ok
11:25:05.0985 0x12c8 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:25:06.0085 0x12c8 tcpipreg - ok
11:25:06.0177 0x12c8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:25:06.0258 0x12c8 TDPIPE - ok
11:25:06.0295 0x12c8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:25:06.0351 0x12c8 TDTCP - ok
11:25:06.0408 0x12c8 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:25:06.0470 0x12c8 tdx - ok
11:25:06.0534 0x12c8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:25:06.0570 0x12c8 TermDD - ok
11:25:06.0785 0x12c8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
11:25:06.0919 0x12c8 TermService - ok
11:25:06.0966 0x12c8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
11:25:07.0051 0x12c8 Themes - ok
11:25:07.0109 0x12c8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
11:25:07.0317 0x12c8 THREADORDER - ok
11:25:07.0394 0x12c8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
11:25:07.0520 0x12c8 TrkWks - ok
11:25:07.0625 0x12c8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:25:07.0748 0x12c8 TrustedInstaller - ok
11:25:07.0791 0x12c8 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:25:07.0861 0x12c8 tssecsrv - ok
11:25:07.0910 0x12c8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:25:08.0003 0x12c8 TsUsbFlt - ok
11:25:08.0046 0x12c8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:25:08.0122 0x12c8 TsUsbGD - ok
11:25:08.0191 0x12c8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:25:08.0321 0x12c8 tunnel - ok
11:25:08.0348 0x12c8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:25:08.0387 0x12c8 uagp35 - ok
11:25:08.0442 0x12c8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:25:08.0608 0x12c8 udfs - ok
11:25:08.0667 0x12c8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:25:08.0728 0x12c8 UI0Detect - ok
11:25:08.0805 0x12c8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:25:08.0841 0x12c8 uliagpkx - ok
11:25:08.0901 0x12c8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:25:08.0985 0x12c8 umbus - ok
11:25:09.0017 0x12c8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
11:25:09.0078 0x12c8 UmPass - ok
11:25:09.0145 0x12c8 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
11:25:09.0171 0x12c8 UnlockerDriver5 - ok
11:25:09.0244 0x12c8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
11:25:09.0404 0x12c8 upnphost - ok
11:25:09.0452 0x12c8 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
11:25:09.0566 0x12c8 usbccgp - ok
11:25:09.0635 0x12c8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:25:09.0727 0x12c8 usbcir - ok
11:25:09.0761 0x12c8 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:25:09.0823 0x12c8 usbehci - ok
11:25:09.0860 0x12c8 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
11:25:09.0947 0x12c8 usbhub - ok
11:25:09.0986 0x12c8 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:25:10.0039 0x12c8 usbohci - ok
11:25:10.0077 0x12c8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:25:10.0139 0x12c8 usbprint - ok
11:25:10.0183 0x12c8 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
11:25:10.0279 0x12c8 USBSTOR - ok
11:25:10.0312 0x12c8 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:25:10.0372 0x12c8 usbuhci - ok
11:25:10.0445 0x12c8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:25:10.0570 0x12c8 usbvideo - ok
11:25:10.0637 0x12c8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
11:25:10.0752 0x12c8 UxSms - ok
11:25:10.0777 0x12c8 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc C:\Windows\system32\lsass.exe
11:25:10.0829 0x12c8 VaultSvc - ok
11:25:10.0911 0x12c8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:25:10.0944 0x12c8 vdrvroot - ok
11:25:11.0019 0x12c8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
11:25:11.0158 0x12c8 vds - ok
11:25:11.0183 0x12c8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:25:11.0226 0x12c8 vga - ok
11:25:11.0234 0x12c8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:25:11.0348 0x12c8 VgaSave - ok
11:25:11.0382 0x12c8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:25:11.0423 0x12c8 vhdmp - ok
11:25:11.0458 0x12c8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
11:25:11.0491 0x12c8 viaide - ok
11:25:11.0552 0x12c8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:25:11.0589 0x12c8 volmgr - ok
11:25:11.0617 0x12c8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:25:11.0673 0x12c8 volmgrx - ok
11:25:11.0709 0x12c8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:25:11.0767 0x12c8 volsnap - ok
11:25:11.0794 0x12c8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:25:11.0838 0x12c8 vsmraid - ok
11:25:11.0974 0x12c8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
11:25:12.0212 0x12c8 VSS - ok
11:25:12.0271 0x12c8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:25:12.0328 0x12c8 vwifibus - ok
11:25:12.0382 0x12c8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:25:12.0437 0x12c8 vwififlt - ok
11:25:12.0515 0x12c8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] w32time C:\Windows\system32\w32time.DLL
11:25:12.0677 0x12c8 w32time - ok
11:25:12.0731 0x12c8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:25:12.0782 0x12c8 WacomPen - ok
11:25:12.0830 0x12c8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:25:12.0955 0x12c8 WANARP - ok
11:25:12.0978 0x12c8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:25:13.0085 0x12c8 Wanarpv6 - ok
11:25:13.0209 0x12c8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:25:13.0347 0x12c8 WatAdminSvc - ok
11:25:13.0485 0x12c8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
11:25:13.0763 0x12c8 wbengine - ok
11:25:13.0858 0x12c8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:25:13.0927 0x12c8 WbioSrvc - ok
11:25:13.0958 0x12c8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:25:14.0064 0x12c8 wcncsvc - ok
11:25:14.0139 0x12c8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:25:14.0236 0x12c8 WcsPlugInService - ok
11:25:14.0281 0x12c8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
11:25:14.0310 0x12c8 Wd - ok
11:25:14.0391 0x12c8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:25:14.0489 0x12c8 Wdf01000 - ok
11:25:14.0546 0x12c8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:25:14.0595 0x12c8 WdiServiceHost - ok
11:25:14.0605 0x12c8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:25:14.0645 0x12c8 WdiSystemHost - ok
11:25:14.0691 0x12c8 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
11:25:14.0777 0x12c8 WebClient - ok
11:25:14.0826 0x12c8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:25:14.0988 0x12c8 Wecsvc - ok
11:25:15.0229 0x12c8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:25:15.0404 0x12c8 wercplsupport - ok
11:25:15.0581 0x12c8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
11:25:15.0832 0x12c8 WerSvc - ok
11:25:15.0930 0x12c8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:25:16.0041 0x12c8 WfpLwf - ok
11:25:16.0184 0x12c8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:25:16.0236 0x12c8 WIMMount - ok
11:25:16.0331 0x12c8 WinDefend - ok
11:25:16.0369 0x12c8 WinHttpAutoProxySvc - ok
11:25:16.0799 0x12c8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:25:16.0941 0x12c8 Winmgmt - ok
11:25:17.0212 0x12c8 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
11:25:17.0515 0x12c8 WinRM - ok
11:25:17.0695 0x12c8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:25:17.0837 0x12c8 Wlansvc - ok
11:25:18.0165 0x12c8 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:25:18.0399 0x12c8 wlidsvc - ok
11:25:18.0456 0x12c8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:25:18.0492 0x12c8 WmiAcpi - ok
11:25:18.0548 0x12c8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:25:18.0596 0x12c8 wmiApSrv - ok
11:25:18.0640 0x12c8 WMPNetworkSvc - ok
11:25:18.0677 0x12c8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:25:18.0731 0x12c8 WPCSvc - ok
11:25:18.0767 0x12c8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:25:18.0849 0x12c8 WPDBusEnum - ok
11:25:18.0887 0x12c8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:25:19.0000 0x12c8 ws2ifsl - ok
11:25:19.0083 0x12c8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
11:25:19.0165 0x12c8 wscsvc - ok
11:25:19.0180 0x12c8 WSearch - ok
11:25:19.0425 0x12c8 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
11:25:19.0685 0x12c8 wuauserv - ok
11:25:19.0751 0x12c8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:25:19.0834 0x12c8 WudfPf - ok
11:25:19.0889 0x12c8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:25:19.0938 0x12c8 WUDFRd - ok
11:25:20.0023 0x12c8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:25:20.0070 0x12c8 wudfsvc - ok
11:25:20.0151 0x12c8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:25:20.0268 0x12c8 WwanSvc - ok
11:25:20.0308 0x12c8 ================ Scan global ===============================
11:25:20.0350 0x12c8 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:25:20.0400 0x12c8 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:25:20.0436 0x12c8 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:25:20.0508 0x12c8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:25:20.0564 0x12c8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:25:20.0586 0x12c8 [ Global ] - ok
11:25:20.0587 0x12c8 ================ Scan MBR ==================================
11:25:20.0643 0x12c8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:25:23.0899 0x12c8 \Device\Harddisk0\DR0 - ok
11:25:23.0922 0x12c8 [ 0519801742033545B239298C04AE2289 ] \Device\Harddisk1\DR1
11:25:24.0114 0x12c8 \Device\Harddisk1\DR1 - ok
11:25:24.0118 0x12c8 ================ Scan VBR ==================================
11:25:24.0158 0x12c8 [ D378509051629AF0D2B093884432E56A ] \Device\Harddisk0\DR0\Partition1
11:25:24.0162 0x12c8 \Device\Harddisk0\DR0\Partition1 - ok
11:25:24.0175 0x12c8 [ F9FE089FE0DA81B34193363F3E8EF982 ] \Device\Harddisk1\DR1\Partition1
11:25:24.0178 0x12c8 \Device\Harddisk1\DR1\Partition1 - ok
11:25:24.0183 0x12c8 ================ Scan generic autorun ======================
11:25:24.0402 0x12c8 [ A7639314CA87DB6FDDD1C407590411ED, 86DB9918453495D7B5A31DBCA3EE99E8875E0F6490744683BE0795F6F1962C4D ] C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
11:25:24.0537 0x12c8 QHSafeTray - ok
11:25:24.0656 0x12c8 [ 60B65F97C12BA30CD36450D376227C02, D06598F2F203CEC7A7A3857F727BC2BA457C1C0CEF2787B90CE553407FBF8536 ] C:\Program Files (x86)\NetTime\NetTime.exe
11:25:24.0806 0x12c8 NetTime - detected UnsignedFile.Multi.Generic ( 1 )
11:25:25.0185 0x12c8 Detect skipped due to KSN trusted
11:25:25.0185 0x12c8 NetTime - ok
11:25:25.0331 0x12c8 [ 1EF473CBBD485BF6EA1F6D3CEE7062A2, 534090689DA752A74F5A62DEDE19C7B09C67ED67C25A0734BA4E959FA1C2F4F0 ] C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe
11:25:25.0427 0x12c8 DefragTaskBar - ok
11:25:25.0430 0x12c8 Sidebar - ok
11:25:25.0480 0x12c8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:25:25.0540 0x12c8 mctadmin - ok
11:25:25.0541 0x12c8 Sidebar - ok
11:25:25.0555 0x12c8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:25:25.0613 0x12c8 mctadmin - ok
11:25:25.0806 0x12c8 [ C1DE156BD17A08A294C61C28981CCAD5, BCB8351A3F00126F0DD70C9FD72ED8CBEA692E76D1C377ECF8762E822DC31DDF ] C:\Users\Lon\AppData\Local\FluxSoftware\Flux\flux.exe
11:25:25.0911 0x12c8 f.lux - ok
11:25:26.0154 0x12c8 [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Lon\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:25:26.0304 0x12c8 OneDrive - ok
11:25:26.0795 0x12c8 [ C75D54CB620CE0054413D2A0197A45D4, A7E4A1B0F6059D4FB46499718A77FFC686EAAD55F55A71644AD0455AF0B0CC27 ] C:\Users\Lon\AppData\Local\RadioSure\RadioSure.exe
11:25:26.0972 0x12c8 RadioSure - detected UnsignedFile.Multi.Generic ( 1 )
11:25:27.0178 0x12c8 Detect skipped due to KSN trusted
11:25:27.0178 0x12c8 RadioSure - ok
11:25:27.0179 0x12c8 Waiting for KSN requests completion. In queue: 6
11:25:28.0279 0x12c8 AV detected via SS2: 360 Total Security, C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ( 8.8.0.1001 ), 0x51000 ( enabled : updated )
11:25:28.0316 0x12c8 Win FW state via NFP2: enabled ( trusted )
11:25:28.0551 0x12c8 ============================================================
11:25:28.0551 0x12c8 Scan finished
11:25:28.0551 0x12c8 ============================================================
11:25:28.0569 0x1260 Detected object count: 0
11:25:28.0569 0x1260 Actual detected object count: 0
 
Download
51c590ce361e7-ComboFix_resized_2.png
ComboFix via n van deze locaties:
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!

Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
ComboFix opstarten:
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".
ComboFix is opgestart:
  • Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
  • Combofix sluit tijdens de scan de internet verbinding probeer deze tussentijds niet te herstellen!
  • Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
  • Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
  • Post de inhoud van dit logbestand via DDRMMR's kleurcodeerder in je volgende bericht.
  • Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt
Belangrijke opmerking:
  • Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Start dan de computer opnieuw op.
 
[hjt]
combofix 17-02-24.01 - lon 08-03-2017 13:00:54.1.2 - x64
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.3956.2532 [gmt 1:00]
gestart vanuit: c:\users\lon\desktop\combofix.exe
av: 360 total security *disabled/updated* {2b66ee1e-e5c8-c2f7-648f-4e55ac68d37d}
sp: 360 total security *disabled/updated* {90070ffa-c3f2-cd79-5e3f-7527d7ef99c0}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\syswow64\packet.dll
c:\windows\syswow64\pthreadvc.dll
c:\windows\syswow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( drivers/services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\legacy_npf
-------\service_npf
.
.
(((((((((((((((((((( bestanden gemaakt van 2017-02-08 to 2017-03-08 ))))))))))))))))))))))))))))))
.
.
2017-03-08 11:56 . 2017-03-08 11:56 -------- d-----r- c:\superdelete
2017-03-08 10:15 . 2017-03-08 10:15 -------- d-----w- c:\onedrivetemp
2017-03-07 16:02 . 2017-03-07 16:02 613320 ----a-w- c:\program files\mozilla firefox\minidump-analyzer.exe
2017-03-07 15:48 . 2017-03-07 15:48 -------- d-----r- c:\users\lon\searches
2017-03-07 14:50 . 2017-03-07 15:51 -------- d-----w- c:\program files\processexplorer
2017-03-06 20:17 . 2017-03-06 21:33 -------- d-----w- c:\frst
2017-03-03 11:52 . 2017-03-03 11:52 -------- d-----w- c:\users\lon\appdata\roaming\donationcoder
2017-03-02 11:48 . 2017-03-06 19:32 -------- d--h--w- c:\users\lon\nieuwe map f
2017-03-01 12:55 . 2017-03-01 12:55 -------- d-----w- c:\users\lon\appdata\roaming\cinchaudiorecorder
2017-03-01 12:55 . 2017-03-01 12:55 -------- d-----w- c:\cinch solutions
2017-03-01 12:55 . 2017-03-01 12:55 -------- d-----w- c:\program files (x86)\cinch audio recorder
2017-02-28 11:41 . 2017-02-28 11:41 -------- d-----w- c:\users\lon\appdata\roaming\kc softwares
2017-02-28 11:41 . 2017-02-28 11:41 -------- d-----w- c:\program files (x86)\kc softwares
2017-02-25 14:11 . 2017-02-25 14:11 -------- d-----w- c:\users\lon\appdata\local\video enhancer
2017-02-25 14:10 . 2012-07-21 11:54 122880 ----a-w- c:\windows\syswow64\ac3acm.acm
2017-02-25 14:10 . 2016-05-08 15:19 3621888 ----a-w- c:\windows\syswow64\x264vfw.dll
2017-02-25 14:09 . 2017-02-25 14:10 -------- d-----w- c:\program files (x86)\video enhancer 2
2017-02-23 08:37 . 2017-02-02 16:32 1285632 ----a-w- c:\windows\system32\aeinv.dll
2017-02-23 08:37 . 2016-12-31 15:36 233984 ----a-w- c:\windows\system32\aepic.dll
2017-02-23 08:37 . 2016-12-31 15:36 1609216 ----a-w- c:\windows\system32\appraiser.dll
2017-02-23 08:37 . 2017-02-02 14:06 650752 ----a-w- c:\windows\system32\generaltel.dll
2017-02-23 08:37 . 2016-12-31 15:36 335360 ----a-w- c:\windows\system32\invagent.dll
2017-02-23 08:37 . 2016-12-31 15:36 556544 ----a-w- c:\windows\system32\devinv.dll
2017-02-23 08:37 . 2016-12-31 15:36 293376 ----a-w- c:\windows\system32\centel.dll
2017-02-23 08:37 . 2017-02-02 16:36 84712 ----a-w- c:\windows\system32\compattelrunner.exe
2017-02-23 08:37 . 2016-12-31 15:36 133632 ----a-w- c:\windows\system32\acmigration.dll
2017-02-22 09:50 . 2017-02-22 11:43 -------- d-----w- c:\users\lon\appdata\local\black bird cleaner software
2017-02-22 09:49 . 2017-02-22 09:49 -------- d-----w- c:\program files (x86)\black bird cleaner
2017-02-19 19:24 . 2017-02-19 19:24 -------- d-----w- c:\users\lon\appdata\local\crashrpt
2017-02-19 15:47 . 2017-02-19 15:47 -------- d-----w- c:\users\lon\appdata\local\eset
2017-02-19 10:22 . 2017-02-19 10:27 -------- d-----w- c:\program files (x86)\meesoft
2017-02-19 10:05 . 2017-02-19 10:05 -------- d-----w- c:\program files\stinger
2017-02-17 15:52 . 2017-02-17 15:52 -------- d-----w- c:\users\lon\appdata\local\chromium
2017-02-17 15:52 . 2017-02-17 16:19 -------- d-----w- c:\program files\srware iron (64-bit)
2017-02-13 19:09 . 2017-03-07 10:34 -------- d-----w- c:\users\lon\appdata\roaming\everything
2017-02-13 19:09 . 2017-02-13 19:09 -------- d-----w- c:\program files\everything
2017-02-10 11:57 . 2017-02-10 11:57 859080 ----a-w- c:\windows\yowindow.scr
2017-02-09 10:19 . 2017-02-09 10:19 -------- d-----w- c:\users\lon\appdata\local\4kdownload.com
2017-02-09 10:18 . 2017-02-09 10:18 -------- d-----w- c:\program files (x86)\4kdownload
2017-02-07 19:01 . 2009-08-24 20:13 34304 ----a-w- c:\windows\system32\dfsdkbt.exe
2017-02-07 09:31 . 2017-02-07 09:31 -------- d-----w- c:\users\lon\appdata\roaming\crystalidea software
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-03-05 13:23 . 2016-12-24 21:49 251840 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2017-03-02 09:16 . 2017-02-04 16:26 92712 ----a-w- c:\windows\system32\drivers\hmpnet.sys
2017-03-02 09:16 . 2017-02-04 16:26 909448 ----a-w- c:\windows\system32\hmpalert.dll
2017-03-02 09:16 . 2017-02-04 16:26 840328 ----a-w- c:\windows\syswow64\hmpalert.dll
2017-03-02 09:16 . 2017-02-04 16:26 274816 ----a-w- c:\windows\system32\drivers\hmpalert.sys
2017-02-24 05:23 . 2016-12-24 21:48 77408 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-02-23 08:39 . 2016-05-12 03:56 138020592 -c--a-w- c:\windows\system32\mrt.exe
2017-02-17 15:54 . 2016-05-10 12:09 802904 ----a-w- c:\windows\syswow64\flashplayerapp.exe
2017-02-17 15:54 . 2016-05-10 12:09 144472 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2017-01-20 11:30 . 2016-10-12 16:22 27552 ----a-w- c:\windows\syswow64\drivers\hwinfo64a.sys
2017-01-07 08:50 . 2012-07-17 13:37 24800 ----a-w- c:\programdata\microsoft\identitycrl\production\ppcrlconfig600.dll
2017-01-05 18:55 . 2017-01-11 09:38 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-05 18:55 . 2017-01-11 09:38 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-01-05 18:52 . 2017-01-11 09:38 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-01-05 18:52 . 2017-01-11 09:38 86528 ----a-w- c:\windows\system32\tspkg.dll
2017-01-05 18:52 . 2017-01-11 09:38 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-01-05 18:52 . 2017-01-11 09:38 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-01-05 18:52 . 2017-01-11 09:38 345600 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 18:52 . 2017-01-11 09:38 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-01-05 18:52 . 2017-01-11 09:38 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 18:52 . 2017-01-11 09:38 28160 ----a-w- c:\windows\system32\secur32.dll
2017-01-05 18:52 . 2017-01-11 09:38 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-01-05 18:52 . 2017-01-11 09:38 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-01-05 18:52 . 2017-01-11 09:38 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-01-05 18:52 . 2017-01-11 09:38 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-01-05 18:52 . 2017-01-11 09:38 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-01-05 18:52 . 2017-01-11 09:38 730624 ----a-w- c:\windows\system32\kerberos.dll
2017-01-05 18:52 . 2017-01-11 09:38 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-01-05 18:52 . 2017-01-11 09:38 22016 ----a-w- c:\windows\system32\credssp.dll
2017-01-05 18:52 . 2017-01-11 09:38 463872 ----a-w- c:\windows\system32\certcli.dll
2017-01-05 18:52 . 2017-01-11 09:38 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-01-05 18:52 . 2017-01-11 09:38 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-01-05 17:43 . 2017-01-11 09:38 96768 ----a-w- c:\windows\syswow64\sspicli.dll
2017-01-05 17:43 . 2017-01-11 09:38 666112 ----a-w- c:\windows\syswow64\rpcrt4.dll
2017-01-05 17:43 . 2017-01-11 09:38 82944 ----a-w- c:\windows\syswow64\bcrypt.dll
2017-01-05 17:43 . 2017-01-11 09:38 172032 ----a-w- c:\windows\syswow64\wdigest.dll
2017-01-05 17:43 . 2017-01-11 09:38 65536 ----a-w- c:\windows\syswow64\tspkg.dll
2017-01-05 17:43 . 2017-01-11 09:38 254464 ----a-w- c:\windows\syswow64\schannel.dll
2017-01-05 17:43 . 2017-01-11 09:38 22016 ----a-w- c:\windows\syswow64\secur32.dll
2017-01-05 17:43 . 2017-01-11 09:38 141312 ----a-w- c:\windows\syswow64\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 09:38 261120 ----a-w- c:\windows\syswow64\msv1_0.dll
2017-01-05 17:43 . 2017-01-11 09:38 223232 ----a-w- c:\windows\syswow64\ncrypt.dll
2017-01-05 17:43 . 2017-01-11 09:38 60416 ----a-w- c:\windows\syswow64\msobjs.dll
2017-01-05 17:43 . 2017-01-11 09:38 146432 ----a-w- c:\windows\syswow64\msaudite.dll
2017-01-05 17:43 . 2017-01-11 09:38 553472 ----a-w- c:\windows\syswow64\kerberos.dll
2017-01-05 17:43 . 2017-01-11 09:38 17408 ----a-w- c:\windows\syswow64\credssp.dll
2017-01-05 17:43 . 2017-01-11 09:38 342528 ----a-w- c:\windows\syswow64\certcli.dll
2017-01-05 17:42 . 2017-01-11 09:38 690688 ----a-w- c:\windows\syswow64\adtschema.dll
2017-01-05 17:32 . 2017-01-11 09:38 64000 ----a-w- c:\windows\system32\auditpol.exe
2017-01-05 17:25 . 2017-01-11 09:38 159744 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2017-01-05 17:24 . 2017-01-11 09:38 291328 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2017-01-05 17:24 . 2017-01-11 09:38 129536 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2017-01-05 17:24 . 2017-01-11 09:38 30720 ----a-w- c:\windows\system32\lsass.exe
2017-01-05 17:23 . 2017-01-11 09:38 50176 ----a-w- c:\windows\syswow64\auditpol.exe
2017-01-05 17:19 . 2017-01-11 09:38 36352 ----a-w- c:\windows\syswow64\cryptbase.dll
2016-12-24 21:49 . 2016-12-24 21:49 102856 ----a-w- c:\windows\system32\drivers\farflt.sys
2016-12-24 21:49 . 2016-12-24 21:49 81696 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-12-24 21:49 . 2016-12-24 21:49 43968 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-12-22 08:00 . 2016-08-10 11:04 660128 ----a-w- c:\windows\msvcp120.dll
2012-05-11 12:16 . 2012-05-11 12:16 171520 ----a-w- c:\program files (x86)\common files\dsfoggdemux2.dll
2011-04-18 20:51 . 2011-04-18 20:51 653136 ----a-w- c:\program files (x86)\common files\msvcr90.dll
2011-04-18 20:51 . 2011-04-18 20:51 569680 ----a-w- c:\program files (x86)\common files\msvcp90.dll
2011-01-12 00:00 . 2011-01-12 00:00 30208 ----a-w- c:\program files (x86)\common files\wmpinfo.dll
2011-01-12 00:00 . 2011-01-12 00:00 240128 ----a-w- c:\program files (x86)\common files\dsfvorbisdecoder.dll
2011-01-12 00:00 . 2011-01-12 00:00 146944 ----a-w- c:\program files (x86)\common files\dsfflacdecoder.dll
2011-01-12 00:00 . 2011-01-12 00:00 221184 ----a-w- c:\program files (x86)\common files\dsfflacencoder.dll
2011-01-12 00:00 . 2011-01-12 00:00 204800 ----a-w- c:\program files (x86)\common files\dsfnativeflacsource.dll
2010-12-16 19:39 . 2010-12-16 19:39 302592 ----a-w- c:\program files (x86)\common files\webmmux.dll
2010-12-16 19:39 . 2010-12-16 19:39 701440 ----a-w- c:\program files (x86)\common files\vp8encoder.dll
2010-12-16 19:39 . 2010-12-16 19:39 412672 ----a-w- c:\program files (x86)\common files\vp8decoder.dll
2010-12-16 19:39 . 2010-12-16 19:39 292352 ----a-w- c:\program files (x86)\common files\webmsplit.dll
.
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ mega (pending)]
@="{056d528d-ce28-4194-9ba3-ba2e9197ff8c}"
[hkey_classes_root\clsid\{056d528d-ce28-4194-9ba3-ba2e9197ff8c}]
2016-12-15 10:51 564736 ----a-w- c:\programdata\megasync\shellextx32.dll
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ mega (synced)]
@="{05b38830-f4e9-4329-978b-1dd28605d202}"
[hkey_classes_root\clsid\{05b38830-f4e9-4329-978b-1dd28605d202}]
2016-12-15 10:51 564736 ----a-w- c:\programdata\megasync\shellextx32.dll
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ mega (syncing)]
@="{0596c850-7bdd-4c9d-afdf-873be6890637}"
[hkey_classes_root\clsid\{0596c850-7bdd-4c9d-afdf-873be6890637}]
2016-12-15 10:51 564736 ----a-w- c:\programdata\megasync\shellextx32.dll
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"f.lux"=c:\users\lon\appdata\local\fluxsoftware\flux\flux.exe [2016-12-06 1024240]
"onedrive"=c:\users\lon\appdata\local\microsoft\onedrive\onedrive.exe [2017-03-04 1518304]
"radiosure"=c:\users\lon\appdata\local\radiosure\radiosure.exe [2016-01-28 2876416]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"qhsafetray"=c:\program files (x86)\360\total security\safemon\qhsafetray.exe [2016-08-10 1153448]
"nettime"=c:\program files (x86)\nettime\nettime.exe [2012-05-12 772096]
"defragtaskbar"=c:\program files (x86)\ashampoo\ashampoo magical defrag 3\defragtaskbar.exe [2009-12-16 927072]
.
c:\users\lon\appdata\roaming\microsoft\windows\start menu\programs\startup\
yowindow.lnk - c:\program files (x86)\yowindow\yowindow.exe -mt [2017-2-10 1141192]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioruser"= 3 (0x3)
"enableuiadesktoptoggle"= 0 (0x0)
.
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"nosimplenetidlist"= 1 (0x1)
"noresolvetrack"= 0
.
[hkey_local_machine\software\policies\microsoft\windows\windowsupdate\au]
"noautoupdate"=
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\windows]
"loadappinit_dlls"=1 (0x1)
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\hitmanpro37]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\hitmanpro37.sys]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\mbamservice]
@="service"
.
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [x]
r3 360avflt;360avflt mini-filter driver;c:\windows\system32\drivers\360avflt.sys;c:\windows\sysnative\drivers\360avflt.sys [x]
r3 360box64;360box mini-filter driver;c:\windows\system32\drivers\360box64.sys;c:\windows\sysnative\drivers\360box64.sys [x]
r3 becwssvr;e.dentifier2 connector service;c:\program files (x86)\abn amro e.dentifier2\wss\becwssvr.exe;c:\program files (x86)\abn amro e.dentifier2\wss\becwssvr.exe [x]
r3 cvhsvc;client virtualization handler;c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe;c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe [x]
r3 dfx11_1;dfx audio enhancer 11.1;c:\windows\system32\drivers\dfx11_1x64.sys;c:\windows\sysnative\drivers\dfx11_1x64.sys [x]
r3 e.dentifier2;smartcard reader abn amro e.dentifier2;c:\windows\system32\drivers\aabed2.sys;c:\windows\sysnative\drivers\aabed2.sys [x]
r3 ieetwcollectorservice;internet explorer etw collector service;c:\windows\system32\ieetwcollector.exe;c:\windows\sysnative\ieetwcollector.exe [x]
r3 k57nd;broadcom netlink gigabit ethernet;c:\windows\system32\drivers\k57amd64.sys;c:\windows\sysnative\drivers\k57amd64.sys [x]
r3 keycrypt;keycrypt;c:\windows\system32\drivers\keycrypt64.sys;c:\windows\sysnative\drivers\keycrypt64.sys [x]
r3 mbamservice;malwarebytes service;c:\program files\malwarebytes\anti-malware\mbamservice.exe;c:\program files\malwarebytes\anti-malware\mbamservice.exe [x]
r3 mda_ntdrv;mda_ntdrv;c:\windows\system32\mda_ntdrv.sys;c:\windows\sysnative\mda_ntdrv.sys [x]
r3 pcwinsoft;screencamera video camera;c:\windows\system32\drivers\scrcamhrdrv_x64.sys;c:\windows\sysnative\drivers\scrcamhrdrv_x64.sys [x]
r3 rdpvideominiport;remote desktop video miniport driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\sysnative\drivers\rdpvideominiport.sys [x]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\sysnative\drivers\tsusbflt.sys [x]
r3 tsusbgd;remote desktop generic usb device;c:\windows\system32\drivers\tsusbgd.sys;c:\windows\sysnative\drivers\tsusbgd.sys [x]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe;c:\windows\sysnative\wat\watadminsvc.exe [x]
r4 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe;c:\windows\sysnative\atiesrxx.exe [x]
r4 ctupnpsv;creative centrale media server;c:\program files (x86)\creative\creative centrale\ctupnpsv.exe;c:\program files (x86)\creative\creative centrale\ctupnpsv.exe [x]
s0 mbamswissarmy;mbamswissarmy;c:\windows\system32\drivers\mbamswissarmy.sys;c:\windows\sysnative\drivers\mbamswissarmy.sys [x]
s1 360camera;360safe camera filter service;c:\windows\system32\drivers\360camera64.sys;c:\windows\sysnative\drivers\360camera64.sys [x]
s1 360fsflt;360fsflt mini-filter driver;c:\windows\system32\drivers\360fsflt.sys;c:\windows\sysnative\drivers\360fsflt.sys [x]
s1 bapidrv;bapidrv;c:\windows\system32\drivers\bapidrv64.sys;c:\windows\sysnative\drivers\bapidrv64.sys [x]
s1 hwinfo32;hwinfo32/64 kernel driver;c:\windows\syswow64\drivers\hwinfo64a.sys;c:\windows\syswow64\drivers\hwinfo64a.sys [x]
s2 ashampoo defrag service;ashampoo defrag service;c:\program files (x86)\ashampoo\ashampoo magical defrag 3\defragservice.exe;c:\program files (x86)\ashampoo\ashampoo magical defrag 3\defragservice.exe [x]
s2 diagtrack;diagnostics tracking service;c:\windows\system32\svchost.exe;c:\windows\sysnative\svchost.exe [x]
s2 hmpalertsvc;hitmanpro.alert service;c:\program files (x86)\hitmanpro.alert\hmpalert.exe;c:\program files (x86)\hitmanpro.alert\hmpalert.exe [x]
s2 nettimesvc;nettime;c:\program files (x86)\nettime\nettimeservice.exe;c:\program files (x86)\nettime\nettimeservice.exe [x]
s2 qhactivedefense;360 total security;c:\program files (x86)\360\total security\safemon\qhactivedefense.exe;c:\program files (x86)\360\total security\safemon\qhactivedefense.exe [x]
s2 sftlist;application virtualization client;c:\program files (x86)\microsoft application virtualization client\sftlist.exe;c:\program files (x86)\microsoft application virtualization client\sftlist.exe [x]
s3 360antihacker;360safe anti hacker service;c:\windows\system32\drivers\360antihacker64.sys;c:\windows\sysnative\drivers\360antihacker64.sys [x]
s3 atihdaudioservice;amd function driver for hd audio service;c:\windows\system32\drivers\atihdw76.sys;c:\windows\sysnative\drivers\atihdw76.sys [x]
s3 hecix64;intel(r) management engine interface;c:\windows\system32\drivers\hecix64.sys;c:\windows\sysnative\drivers\hecix64.sys [x]
s3 hmpalert;hitmanpro.alert support driver;c:\windows\system32\drivers\hmpalert.sys;c:\windows\sysnative\drivers\hmpalert.sys [x]
s3 hmpnet;hitmanpro.alert network driver;c:\windows\system32\drivers\hmpnet.sys;c:\windows\sysnative\drivers\hmpnet.sys [x]
s3 k57nd60a;broadcom netlink (tm) gigabit ethernet - ndis 6.0;c:\windows\system32\drivers\k57nd60a.sys;c:\windows\sysnative\drivers\k57nd60a.sys [x]
s3 sftfs;sftfs;c:\windows\system32\drivers\sftfswin7.sys;c:\windows\sysnative\drivers\sftfswin7.sys [x]
s3 sftplay;sftplay;c:\windows\system32\drivers\sftplaywin7.sys;c:\windows\sysnative\drivers\sftplaywin7.sys [x]
s3 sftredir;sftredir;c:\windows\system32\drivers\sftredirwin7.sys;c:\windows\sysnative\drivers\sftredirwin7.sys [x]
s3 sftvol;sftvol;c:\windows\system32\drivers\sftvolwin7.sys;c:\windows\sysnative\drivers\sftvolwin7.sys [x]
s3 sftvsa;application virtualization service agent;c:\program files (x86)\microsoft application virtualization client\sftvsa.exe;c:\program files (x86)\microsoft application virtualization client\sftvsa.exe [x]
s3 smbdrvi;smbdrvi;c:\windows\system32\drivers\smb_driver_intel.sys;c:\windows\sysnative\drivers\smb_driver_intel.sys [x]
.
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\svchost]
localserviceandnoimpersonation reg_multi_sz ssdpsrv upnphost scardsvr qwave wcncsvc
.
.
--------- x64 entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ onedrive1]
@="{bbacc218-34ea-4666-9d7a-c78f2274a524}"
[hkey_classes_root\clsid\{bbacc218-34ea-4666-9d7a-c78f2274a524}]
2017-03-04 10:27 2170592 ----a-w- c:\users\lon\appdata\local\microsoft\onedrive\17.3.6798.0207\amd64\filesyncshell64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ onedrive2]
@="{5ab7172c-9c11-405c-8dd5-af20f3606282}"
[hkey_classes_root\clsid\{5ab7172c-9c11-405c-8dd5-af20f3606282}]
2017-03-04 10:27 2170592 ----a-w- c:\users\lon\appdata\local\microsoft\onedrive\17.3.6798.0207\amd64\filesyncshell64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ onedrive3]
@="{a78ed123-ab77-406b-9962-2a5d9d2f7f30}"
[hkey_classes_root\clsid\{a78ed123-ab77-406b-9962-2a5d9d2f7f30}]
2017-03-04 10:27 2170592 ----a-w- c:\users\lon\appdata\local\microsoft\onedrive\17.3.6798.0207\amd64\filesyncshell64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ onedrive4]
@="{f241c880-6982-4ce5-8cf7-7085ba96da5a}"
[hkey_classes_root\clsid\{f241c880-6982-4ce5-8cf7-7085ba96da5a}]
2017-03-04 10:27 2170592 ----a-w- c:\users\lon\appdata\local\microsoft\onedrive\17.3.6798.0207\amd64\filesyncshell64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ onedrive5]
@="{a0396a93-dc06-4aef-bee9-95ffccaef20e}"
[hkey_classes_root\clsid\{a0396a93-dc06-4aef-bee9-95ffccaef20e}]
2017-03-04 10:27 2170592 ----a-w- c:\users\lon\appdata\local\microsoft\onedrive\17.3.6798.0207\amd64\filesyncshell64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ ocerror]
@="{0960f090-f328-48a3-b746-276b1e3c3722}"
[hkey_classes_root\clsid\{0960f090-f328-48a3-b746-276b1e3c3722}]
2016-09-30 13:18 174592 ----a-w- c:\program files (x86)\stack\shellext\ocoverlays_x64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ ocok]
@="{0960f092-f328-48a3-b746-276b1e3c3722}"
[hkey_classes_root\clsid\{0960f092-f328-48a3-b746-276b1e3c3722}]
2016-09-30 13:18 174592 ----a-w- c:\program files (x86)\stack\shellext\ocoverlays_x64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ ocokshared]
@="{0960f093-f328-48a3-b746-276b1e3c3722}"
[hkey_classes_root\clsid\{0960f093-f328-48a3-b746-276b1e3c3722}]
2016-09-30 13:18 174592 ----a-w- c:\program files (x86)\stack\shellext\ocoverlays_x64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ ocsync]
@="{0960f094-f328-48a3-b746-276b1e3c3722}"
[hkey_classes_root\clsid\{0960f094-f328-48a3-b746-276b1e3c3722}]
2016-09-30 13:18 174592 ----a-w- c:\program files (x86)\stack\shellext\ocoverlays_x64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ ocwarning]
@="{0960f096-f328-48a3-b746-276b1e3c3722}"
[hkey_classes_root\clsid\{0960f096-f328-48a3-b746-276b1e3c3722}]
2016-09-30 13:18 174592 ----a-w- c:\program files (x86)\stack\shellext\ocoverlays_x64.dll
.
------- bijkomende scan -------
.
ulocal page = c:\windows\system32\blank.htm
ustart page =
uinternet settings,proxyserver = http=;ftp=;https=;
trusted zone: localhost
tcp: dhcpnameserver = 192.168.1.1
ff - profilepath - c:\users\lon\appdata\roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\
ff - prefs.js: browser.startup.homepage - hxxps://www.startpage.com/do/mypage.pl?prf=560e1f9228a853dfa11efc40434bb365
.
- - - - orphans verwijderd - - - -
.
addremove-creative centrale - c:\programdata\{b7fa0661-862b-4ae4-a12a-f08d226ed546}\setup.exe
addremove-creative software update - c:\programdata\{26d901a1-2540-4430-81dc-0317f01bd7be}\setup.exe
addremove-{4442ab48-dec4-4b39-b067-1f75bf8017e7} - c:\programdata\{b7fa0661-862b-4ae4-a12a-f08d226ed546}\setup.exe
addremove-{86604c06-da30-425e-aece-47304fe81c45} - c:\programdata\{26d901a1-2540-4430-81dc-0317f01bd7be}\setup.exe
.
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_users\.default\software\ecnbw4uijzr3u2]
@denied: (b 2 3) (everyone)
.
[hkey_users\.default\software\locky]
@denied: (b 2 3) (everyone)
.
[hkey_users\.default\software\microsoft\windows\currentversion\explorer\fileexts\.eml\userchoice]
@denied: (2) (localsystem)
"progid"="windowslivemail.email.1"
.
[hkey_users\.default\software\microsoft\windows\currentversion\explorer\fileexts\.vcf\userchoice]
@denied: (2) (localsystem)
"progid"="windowslivemail.vcard.1"
.
[hkey_users\s-1-5-21-3985488779-3452437005-2477218925-1000\software\ecnbw4uijzr3u2]
@denied: (b 2 3) (everyone)
.
[hkey_users\s-1-5-21-3985488779-3452437005-2477218925-1000\software\locky]
@denied: (b 2 3) (everyone)
.
[hkey_users\s-1-5-21-3985488779-3452437005-2477218925-1000_classes\software\ecnbw4uijzr3u2]
@denied: (b 2 3) (everyone)
.
[hkey_users\s-1-5-21-3985488779-3452437005-2477218925-1000_classes\software\locky]
@denied: (b 2 3) (everyone)
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\system32\\macromed\\flash\\flashutil64_24_0_0_221_activex.exe,-101"
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\localserver32]
@=c:\\windows\\system32\\macromed\\flash\\flashutil64_24_0_0_221_activex.exe
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}]
@denied: (a 2) (everyone)
@="iflashbroker6"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil32_24_0_0_221_activex.exe,-101"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\localserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flashutil32_24_0_0_221_activex.exe
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="shockwave flash object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_24_0_0_221.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
@="0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
@="shockwaveflash.shockwaveflash.24"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_24_0_0_221.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="shockwaveflash.shockwaveflash"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="macromedia flash factory object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_24_0_0_221.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
@="flashfactory.flashfactory.1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_24_0_0_221.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="flashfactory.flashfactory"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}]
@denied: (a 2) (everyone)
@="iflashbroker6"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
------------------------ andere aktieve processen ------------------------
.
c:\program files (x86)\creative\shared files\ctdevsrv.exe
c:\program files (x86)\ashampoo\ashampoo magical defrag 3\defragmonitorservice.exe
c:\program files (x86)\ashampoo\ashampoo magical defrag 3\defragactivitymonitor.exe
c:\program files (x86)\360\total security\safemon\qhwatchdog.exe
.
**************************************************************************
.
voltooingstijd: 2017-03-08 13:23:13 - machine werd herstart
combofix-quarantined-files.txt 2017-03-08 12:23
.
pre-run: 335.170.514.944 bytes beschikbaar
post-run: 334.809.600.000 bytes beschikbaar
.
- - end of file - - 9161b19e53e3a36d923c5f788c2c5c2d
a36c5e4f47e84449ff07ed3517b43a31

[/hjt]
 
Op zich gaat het goed, dank u. Het regent wel erg veel vandaag.

Geen geheugen waarschuwingen meer gehad.
 
Een uitstekend idee, Abraham54!

Over enkele dagen zal ik mij nog eens melden en alvast hartelijk dank tot nu toe.
 
Hallo Abraham54,

Inmiddels zijn wij 6 dagen ouder geworden, maar de meldingen over onvoldoende geheugen blijven onverminderd komen, juist zoals op de dagen voordat deze draad een aanvang nam.

Firefox, SRWare Iron, Windows, zij allen melden regelmatig onvoldoende geheugen te hebben en gisteren werd bijvoorbeeld zomaar uBlock Origin afgesloten en later hield Firefox er uit zichzelf mee op. Ik ben inmiddels van Qihu 360 Total Security Essential overgegaan naar Avast Free Antivirus, omdat Qihu een alsmaar zwaarder programma lijkt te worden. Dit heeft geen verschil gemaakt. Het lukte mij overigens niet om Panda te installeren, dat vond ik ook vreemd.
 
Doe het volgende:

System File Checker
Ga naar Start en typ in de zoekregel cmd - bovenaan in het startmenu zie je nu de betreffende snelkoppeling.
Klik deze snelkoppeling met rechts aan en kies voor Als administrator uitvoeren.

In het zwarte venster typ je nu sfc /scannow gevolgd door indrukken van de Entertoets.
Denk wel aan de spatie na 'sfc'.
In het zwarte venster zie je vervolgens de voortgang van de scan.
SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zo nodig volgt reparatie.
Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan.

Is de scan klaar en hoeft er niet gerebooted te worden, typ je Exit gevolgd door indrukken van de Entertoets.
Laat wel weten wat de melding in het zwarte venster na de scan was.
 
Nog nooit in mijn lange leven heb ik 'Exit' getypt (er zit gewoon een afsluitkruisje in) na afloop van 'sfc /scannow', een test die ik enkele keren per week uitvoer, gevolgd door het aanmaken van een herstelpunt.

Ook deze keer werden er gelukkig weer "geen schendingen van de integriteit" gevonden en ook nu heb ik weer een herstelpunt gemaakt.
 
Download Dr.Web CureIt en sla het op je bureaublad op.
  • Dubbelklik op drweb-cureit.exe en sta het tool toe om te express scan te starten.
    Zodra er een popup verschijnt met het voorstel tot kopen/50% korting mag je dezepopup sluiten.
  • De express scan zal de bestanden scannen die momenteel in het geheugen geladen zijn. Wanneer er iets gevonden wordt klik op 'alles selecteren' kies nu voor 'repareren' en in het kleine menutje dat verschijnt, kies je 'verplaatsen'.
  • Kies bovenaan in het menu voor Language/Taal en wijzig deze naar Dutch (Nederlands) indien deze bij jou anders staat ingesteld.
  • Druk op F9, kies daarna voor het tabblad Acties en stel daar het volgende in onder Malware:
    • Adware: Verplaats
    • Dialers: Verplaats
    • Jokes: Rapportage
    • Riskware: Rapportage
    • Hacktools: Verplaats
    • Haal dan het vinkje weg bij 'Prompt bij actie'.
  • Kies daarna voor het tabblad Scan en verwijder het vinkje bij Heuristische analyse.
    Druk vervolgens op Toepassen gevolgd door OK.
  • Eenmaal als de korte scan is beindigd vink je aan: Volledige scan.
    Druk daarna op het groene pijltje (start knop) om de scan te starten.
  • Gevonden bestanden worden naar '%USERPROFILE%\DocterWeb\Quarantine' -map verplaatst indien het herstellen niet mogelijk is.
  • Nadat de scan gedaan is ga dan naar Bestand en kies Rapportage lijst opslaan.
    Bewaar deze op je bureaublad en sluit daarna Dr.Web CureIt.
  • Herstart vervolgens de computer!! Dit is een belangrijke stap want het kan zijn dat Dr.Web CureIt bestanden zal verplaatsen/verwijderen tijdens herstart.
  • Na het herstarten, kopieer de inhoud van dat log en plak de inhoud daarvan mee in jouw volgende antwoord.
[/quote]
 
Er heeft een scan plaats gevonden. Er werden 14 bedreigingen gevonden: 1 van Ashampoo Magical Defrag (Boot time defragmentatie. Defragmenteren tijdens de opstart is nooit mijn bedoeling geweest) en 13 van iObit Uninstaller. Deze heb ik pas 3 dagen of zo en deze oninstalleerder kan dan ook niet de oorzaak zijn van het geheugenprobleem. Overigens had ik wel al geprobeerd de Uninstaller Monitor uit te schakelen, maar dit schijnt onmogelijk te zijn.

Overigens doet Dr. Web niet wat in de instructie staat: het enige wat verschijnt is "Neutralize". Dat heb ik gedaan en de 14 bedreigingen staan nu in quarantaine. Er is wel een log beschikbaar. Dit kan niet worden ge-upload via Beheer bijlagen, dus probeer ik de tekst te kopiren/plakken.

Resultaat: de tekst is te lang.

Start curing
-----------------------------------------------------------------------------

\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe - quarantined, reboot required
\device\harddiskvolume1\program files (x86)\iobit\iobit uninstaller\uninstallexplorer.dll - quarantined, reboot required
\device\harddiskvolume1\program files (x86)\iobit\iobit uninstaller\iuservice.exe - quarantined
\device\harddiskvolume1\program files (x86)\iobit\iobit uninstaller\uninstallmenuright.dll - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\webres.dll - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\vclx120.bpl - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\rtl120.bpl - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\ExtPkg.dll - quarantined
\Device\HarddiskVolume1\Program Files (x86)\IObit\IObit Uninstaller\vcl120.bpl - quarantined
C:\Windows\system32\SmartDefragBootTime.exe - quarantined, reboot required

Total 8768201601 bytes in 34772 files scanned (45808 objects)
Total 34788 files (45758 objects) are clean
Total 14 files are infected
Total 14 files are neutralized
Total 36 files are raised error condition
Scan time is 00:45:29.815

Error to send CureIt! statistics: De naam of het adres van de server kan niet worden omgezet
(12007)
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan