
My computer regularly shuts down....it didn't do that before..though it is already an old computer


pitrak

Hello everyone,

My computer regularly shuts down. It is already an old one, but can this just happen, or could it be caused by spam that is deeply rooted somewhere?

I then have to restart it every time..

No budget for a new computer at the moment.

Does anyone know how this can happen?
 
You are getting two tasks from me:

Step 1
Post only the link that you obtain via the tool below.

Download Speccy by Piriform

During the installation of "Speccy" you are asked to also install the Google Chrome web browser.
If you do not want this, remove the check marks.

Starting Speccy by Piriform:
  • Windows 2000 and Windows XP: start "Speccy" by double-clicking.
  • Windows Vista, Windows 7, Windows 8/8.1 and Windows 10: start "Speccy" by right-clicking and then choosing Run as administrator.

Using Speccy by Piriform:
  • After the analysis of Windows is finished, "Speccy" places the result in a new window.
  • Now click File (Bestand) in the menu bar and choose Publish Snapshot (Publiceren).
  • Confirm the publishing by clicking Yes (JA).
  • Now a pop-up window will open asking whether or not to publish.
  • So confirm the former.
  • Now copy the link in the newly opened web window and paste that link into your next post.

Step 2
Download MiniToolBox and place this tool on your desktop.

Using Farbar MiniToolBox:
  • Now first close all program windows that are still open!
    • Windows 2000 and Windows XP: start "MiniToolBox.exe" by double-clicking.
    • Windows Vista, Windows 7, Windows 8 and Windows 10: start "MiniToolBox.exe" by right-clicking and choosing Run as administrator.
Tick the following items:
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices - Only Problems
  • List Users, Partitions and Memory size
  • List Minidump Files
    • Now click the "Go" button.
    • A log (Result.txt) is then created in the same folder that "MiniToolBox.exe" is in.
    • Copy and paste the contents of the log into your next post.
 
Does it take long for Speccy..I can't see whether it is still busy, and no new window has opened yet

--- Update ---

http://speccy.piriform.com/results/quMgPuixU60aMtDqX5iUa4t




MiniToolBox by Farbar Version: 17-06-2016
Ran by Pat (administrator) on 21-02-2017 at 12:10:51
Running from "C:\Users\Pat\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Model: Aspire 7738 Manufacturer: Acer
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/21/2017 10:30:00 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: ExpressVpn.exe, versie: 6.0.5.1061, tijdstempel: 0x5852049f
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23392, tijdstempel: 0x56eb2fb9
Uitzonderingscode: 0xe0434352
Foutoffset: 0x0000845d
Id van proces met fout: 0xc40
Starttijd van toepassing met fout: 0xExpressVpn.exe0
Pad naar toepassing met fout: ExpressVpn.exe1
Pad naar module met fout: ExpressVpn.exe2
Rapport-id: ExpressVpn.exe3

Error: (02/21/2017 10:30:00 AM) (Source: .NET Runtime) (User: )
Description: Toepassing: ExpressVpn.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.Net.Sockets.SocketException
bij System.Net.Sockets.Socket.DoBind(System.Net.EndPoint, System.Net.SocketAddress)
bij System.Net.Sockets.Socket.Bind(System.Net.EndPoint)
bij System.Net.Sockets.TcpListener.Start(Int32)
bij ExpressVpn.Client.EngineProxy.Transport.TcpSequentialListener.Start()

Uitzonderingsinformatie: System.InvalidOperationException
bij ExpressVpn.Client.EngineProxy.Transport.TcpSequentialListener.Start()
bij ExpressVpn.Client.EngineProxy.JsonRpcEventsListener`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Start()
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.<ScheduleListenerStart>b__7_1(ExpressVpn.Client.Engine.Services.VpnStatusEvent)
bij System.Reactive.AnonymousSafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.FirstAsync`1+FirstAsyncImpl[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.DistinctUntilChanged`2+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[ExpressVpn.Client.Engine.ApplicationStatus, ExpressVpn.Client.Engine, Version=6.0.5.1061, Culture=neutral, PublicKeyToken=null]].OnNext(System.__Canon)
bij System.Reactive.Subjects.BehaviorSubject`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.SafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Dematerialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.Reactive.Notification`1<System.__Canon>)
bij System.Reactive.Linq.ObservableImpl.Where`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Do`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Materialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Catch`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Merge`1+_+Iter[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.RefreshStatus()
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.<ScheduleListenerStart>b__7_1(ExpressVpn.Client.Engine.Services.VpnStatusEvent)
bij System.Reactive.AnonymousSafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.FirstAsync`1+FirstAsyncImpl[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.DistinctUntilChanged`2+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[ExpressVpn.Client.Engine.ApplicationStatus, ExpressVpn.Client.Engine, Version=6.0.5.1061, Culture=neutral, PublicKeyToken=null]].OnNext(System.__Canon)
bij System.Reactive.Subjects.BehaviorSubject`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.SafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Dematerialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.Reactive.Notification`1<System.__Canon>)
bij System.Reactive.Linq.ObservableImpl.Where`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Do`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Materialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Catch`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Merge`1+_+Iter[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.RefreshStatus()
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.<BindToEvents>b__5_6(Int64)
bij System.Reactive.AnonymousSafeObserver`1[[System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(Int64)
bij System.Reactive.Linq.ObservableImpl.Timer+TimerImpl.Tick(Int64)
bij System.Reactive.Concurrency.DefaultScheduler+<>c__DisplayClass9`1[[System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<SchedulePeriodic>b__7()
bij System.Reactive.Concurrency.AsyncLock.Wait(System.Action)
bij System.Reactive.Concurrency.DefaultScheduler+<>c__DisplayClass9`1[[System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<SchedulePeriodic>b__6()
bij System.Reactive.Concurrency.DefaultConcurrencyAbstractionLayer+PeriodicTimer.Tick(System.Object)
bij System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bij System.Threading.TimerQueueTimer.CallCallback()
bij System.Threading.TimerQueueTimer.Fire()
bij System.Threading.TimerQueue.FireNextTimers()
bij System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (02/21/2017 10:28:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2017 10:25:45 AM) (Source: PostgreSQL) (User: )
Description: 2017-02-21 10:25:45 CETFATAL: the database system is starting up

Error: (02/21/2017 10:25:44 AM) (Source: PostgreSQL) (User: )
Description: 2017-02-21 10:25:44 CETFATAL: the database system is starting up

Error: (02/21/2017 10:25:43 AM) (Source: PostgreSQL) (User: )
Description: 2017-02-21 10:25:43 CETFATAL: the database system is starting up

Error: (02/21/2017 10:25:34 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: lmgrd.foundry.exe, versie: 10.8.7.0, tijdstempel: 0x47fe34e0
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0x1bc
Starttijd van toepassing met fout: 0xlmgrd.foundry.exe0
Pad naar toepassing met fout: lmgrd.foundry.exe1
Pad naar module met fout: lmgrd.foundry.exe2
Rapport-id: lmgrd.foundry.exe3

Error: (02/21/2017 10:25:18 AM) (Source: nssm) (User: )
Description: Failed to read registry value AppDirectory:
De bewerking is voltooid.

Error: (02/21/2017 09:35:45 AM) (Source: System Restore) (User: )
Description: Er kan geen herstelpunt worden gemaakt (proces = C:\Users\Pat\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestart; beschrijving = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215; fout = 0x80070514).

Error: (02/21/2017 09:25:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/21/2017 10:35:11 AM) (Source: Service Control Manager) (User: )
Description: De Windows Update-service is bij het starten vastgelopen.

Error: (02/21/2017 10:27:37 AM) (Source: Service Control Manager) (User: )
Description: De Internet Connection Sharing (ICS)-service is bij het starten vastgelopen.

Error: (02/21/2017 10:25:21 AM) (Source: Service Control Manager) (User: )
Description: De Service Installer TrueKey-service kan vanwege de volgende fout niet worden gestart:
%%2 = Het systeem kan het opgegeven bestand niet vinden.


Error: (02/21/2017 10:24:37 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)

Error: (02/21/2017 10:23:03 AM) (Source: EventLog) (User: )
Description: De vorige afsluiting van het systeem om 10:20:49 op ?21-?2-?2017 is onverwacht gebeurd.

Error: (02/21/2017 09:34:47 AM) (Source: Service Control Manager) (User: )
Description: De Windows Update-service is bij het starten vastgelopen.

Error: (02/21/2017 09:30:33 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is ontvangen: 70.

Error: (02/21/2017 09:30:33 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is ontvangen: 70.

Error: (02/21/2017 09:25:28 AM) (Source: Service Control Manager) (User: )
Description: De Intel Security True Key Scheduler-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 1400464715 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (02/21/2017 09:23:39 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)


Microsoft Office Sessions:
=========================
Error: (02/21/2017 10:30:00 AM) (Source: Application Error)(User: )
Description: ExpressVpn.exe6.0.5.10615852049fKERNELBASE.dll6.1.7601.2339256eb2fb9e04343520000845dc4001d28c2444da161eC:\Program Files\ExpressVPN\xvpn-ui\ExpressVpn.exeC:\Windows\system32\KERNELBASE.dll50b5d0a6-f818-11e6-b538-001f16afe9ed

Error: (02/21/2017 10:30:00 AM) (Source: .NET Runtime)(User: )
Description: Toepassing: ExpressVpn.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.Net.Sockets.SocketException
bij System.Net.Sockets.Socket.DoBind(System.Net.EndPoint, System.Net.SocketAddress)
bij System.Net.Sockets.Socket.Bind(System.Net.EndPoint)
bij System.Net.Sockets.TcpListener.Start(Int32)
bij ExpressVpn.Client.EngineProxy.Transport.TcpSequentialListener.Start()

Uitzonderingsinformatie: System.InvalidOperationException
bij ExpressVpn.Client.EngineProxy.Transport.TcpSequentialListener.Start()
bij ExpressVpn.Client.EngineProxy.JsonRpcEventsListener`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Start()
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.<ScheduleListenerStart>b__7_1(ExpressVpn.Client.Engine.Services.VpnStatusEvent)
bij System.Reactive.AnonymousSafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.FirstAsync`1+FirstAsyncImpl[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.DistinctUntilChanged`2+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[ExpressVpn.Client.Engine.ApplicationStatus, ExpressVpn.Client.Engine, Version=6.0.5.1061, Culture=neutral, PublicKeyToken=null]].OnNext(System.__Canon)
bij System.Reactive.Subjects.BehaviorSubject`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.SafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Dematerialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.Reactive.Notification`1<System.__Canon>)
bij System.Reactive.Linq.ObservableImpl.Where`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Do`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Materialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Catch`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Merge`1+_+Iter[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.RefreshStatus()
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.<ScheduleListenerStart>b__7_1(ExpressVpn.Client.Engine.Services.VpnStatusEvent)
bij System.Reactive.AnonymousSafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.FirstAsync`1+FirstAsyncImpl[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.DistinctUntilChanged`2+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[ExpressVpn.Client.Engine.ApplicationStatus, ExpressVpn.Client.Engine, Version=6.0.5.1061, Culture=neutral, PublicKeyToken=null]].OnNext(System.__Canon)
bij System.Reactive.Subjects.BehaviorSubject`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.SafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Dematerialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.Reactive.Notification`1<System.__Canon>)
bij System.Reactive.Linq.ObservableImpl.Where`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Do`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Materialize`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Catch`1+_[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij System.Reactive.Linq.ObservableImpl.Merge`1+_+Iter[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.RefreshStatus()
bij ExpressVpn.Client.EngineProxy.XvpnEngineService.<BindToEvents>b__5_6(Int64)
bij System.Reactive.AnonymousSafeObserver`1[[System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(Int64)
bij System.Reactive.Linq.ObservableImpl.Timer+TimerImpl.Tick(Int64)
bij System.Reactive.Concurrency.DefaultScheduler+<>c__DisplayClass9`1[[System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<SchedulePeriodic>b__7()
bij System.Reactive.Concurrency.AsyncLock.Wait(System.Action)
bij System.Reactive.Concurrency.DefaultScheduler+<>c__DisplayClass9`1[[System.Int64, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<SchedulePeriodic>b__6()
bij System.Reactive.Concurrency.DefaultConcurrencyAbstractionLayer+PeriodicTimer.Tick(System.Object)
bij System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bij System.Threading.TimerQueueTimer.CallCallback()
bij System.Threading.TimerQueueTimer.Fire()
bij System.Threading.TimerQueue.FireNextTimers()
bij System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (02/21/2017 10:28:17 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2017 10:25:45 AM) (Source: PostgreSQL)(User: )
Description: 2017-02-21 10:25:45 CETFATAL: the database system is starting up

Error: (02/21/2017 10:25:44 AM) (Source: PostgreSQL)(User: )
Description: 2017-02-21 10:25:44 CETFATAL: the database system is starting up

Error: (02/21/2017 10:25:43 AM) (Source: PostgreSQL)(User: )
Description: 2017-02-21 10:25:43 CETFATAL: the database system is starting up

Error: (02/21/2017 10:25:34 AM) (Source: Application Error)(User: )
Description: lmgrd.foundry.exe10.8.7.047fe34e0unknown0.0.0.000000000c0000005000000001bc01d28c246aa9f95bC:\Program Files\The Foundry\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exeunknownb23463f0-f817-11e6-b538-001f16afe9ed

Error: (02/21/2017 10:25:18 AM) (Source: nssm)(User: )
Description: AppDirectoryDe bewerking is voltooid.

Error: (02/21/2017 09:35:45 AM) (Source: System Restore)(User: )
Description: C:\Users\Pat\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestartMicrosoft Visual C++ 2015 Redistributable (x86) - 14.0.242150x80070514

Error: (02/21/2017 09:25:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2016-08-01 08:03:06.479
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-01 08:03:06.307
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 22:17:09.210
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 22:17:08.976
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 21:55:13.616
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 21:55:13.429
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-24 13:07:04.903
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-24 13:07:04.622
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-17 17:24:51.446
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-17 17:24:51.321
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


=========================== Installed Programs ============================

5KPlayer 2.2 (HKLM\...\5KPlayer_is1) (Version: - DearMob, Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe After Effects 7.0 (HKLM\...\{DD362256-A7A2-4524-9457-213DDC2AFC2A}) (Version: 7.0.0.244 - Adobe Systems, Inc.) Hidden
Adobe After Effects 7.0 (HKLM\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}) (Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824211354}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AmericasCardroom (HKLM\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk 3ds Max 2010 32-bit (HKLM\...\{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 32-bit Components (HKLM\...\{60A08432-00DD-0409-AC2C-143C75460878}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 Tutorials Files (HKLM\...\{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}) (Version: 12.0 - Autodesk)
Autodesk Backburner 2008.1 (HKLM\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1.1 - Autodesk, Inc.)
Autodesk FBX Plugin 2009.4 - 3ds Max 2010 (HKLM\...\Autodesk FBX Plugin 2009.4 - 3ds Max 2010) (Version: - Autodesk)
Autodesk FBX Plug-in 2013.1 - Maya 2013 (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013) (Version: - Autodesk)
Autodesk Maya 2013 32-bit (HKLM\...\{D9345CD7-D0F8-4674-90CF-A0AB41EEF440}) (Version: 15.0.0.0 - Autodesk) Hidden
Autodesk Maya 2013 32-bit (HKLM\...\Autodesk Maya 2013 32-bit) (Version: 15.0.0.0 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
BackgammonMasters Client (HKLM\...\BackgammonMasters_is1) (Version: - )
Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{4DDF16AE-8D5D-4027-A2D1-8CBB498E1698}) (Version: 4.1.1698 - Belgian Government)
BGroom (HKLM\...\BGroom) (Version: - )
Binary Options Trader (HKLM\...\{2D38C785-05CE-4C1D-91DD-FC0AC07EE191}) (Version: 1.4.0 - TradeTools FX)
BlackChipPoker (HKLM\...\FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82) (Version: 16.6 - IGSoft)
Blender (HKLM\...\{4DB84B5C-A382-43A3-AC58-320747DDA983}) (Version: 2.78.1 - Blender Foundation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
CameraTracker 1.0v9-CC for AE (HKLM\...\CameraTracker 1.0v9-CC for AE_is1) (Version: - The Foundry)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Click Install if prompted (HKLM\...\{E97D07E8-0830-40FF-A9DD-861199E99D7E}) (Version: 1.0.0.0 - ExpressVpn) Hidden
Core FTP LE (HKLM\...\CoreFTP) (Version: - )
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Earth & Sky Forex System Installer 2014 Pierre Du Plessis (HKLM\...\Earth & Sky Forex System Installer 2014 Pierre Du Plessis) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
EuroMillions Generator version 1.0.1 (HKLM\...\{7DB5DEDA-2533-496B-A544-5100828C6350}_is1) (Version: 1.0.1 - Dmitrijs Volkovs, Esmistudio.com)
ExpressVPN (HKLM\...\{50FF7CAE-061D-4EAA-843E-8F0E2B42B5B7}) (Version: 6.0.5.1061 - ExpressVPN) Hidden
eXtreme Gammon 2 (HKLM\...\{2F5AF5E1-E021-4832-A423-EF480EC58A0B}_is1) (Version: 2.10 - GameSite 2000, Ltd.)
FBS Trader 4 (HKLM\...\FBS Trader 4) (Version: 4.00 - MetaQuotes Software Corp.)
File Association Helper (HKLM\...\{8975E3CB-A762-4B14-BD62-A3972A098E82}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
FLT 7.0v2 (HKLM\...\FLT 7.0v2_is1) (Version: - The Foundry)
Forex Income Boss SRT Profit System (HKLM\...\Forex Income Boss SRT Profit System) (Version: - )
Forex Lines 7 + Forex Lines EA (HKLM\...\Forex Lines 7 + Forex Lines EA) (Version: - )
ForexProfitBoost (HKLM\...\ForexProfitBoost) (Version: - )
FreshForex Terminal (HKLM\...\FreshForex Terminal) (Version: 6.00 - MetaQuotes Software Corp.)
FX Triple Profit (HKLM\...\FX Triple Profit) (Version: - )
FXNewsAlert v3.2 (HKLM\...\{6B910800-2D4E-4093-B6F1-A212BEAF1FB8}) (Version: 3.2 - FXNewsAlert)
GNU Backgammon (MAIN branch, 20121023 code) (HKLM\...\GNU Backgammon_is1) (Version: - Free Software Foundation)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Governor of Poker (HKLM\...\{6972FD5E-01D0-4742-8EB0-A0D351CF28FF}) (Version: 1.0.0 - Youdagames)
Governor of Poker 2 (HKLM\...\Governor of Poker 21.0) (Version: 1.0 - Foxy Games)
GoWin!The Football Forecaster Deluxe Edition 2016 (HKLM\...\GoWin!The Football Forecaster Deluxe Edition 2016) (Version: 2016 - GoWin! Software)
Gyazo 3.3.0 (HKLM\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Holdem Indicator 2.5.3 (HKLM\...\Holdem Indicator_is1) (Version: - http://www.HoldemIndicator.com)
Holdem Manager 2 (HKLM\...\HoldemManager2) (Version: - )
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5510 series Basissoftware van het apparaat (HKLM\...\{499DF7DD-0CEB-40ED-AEEF-3C3F92DE2719}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Haelp (HKLM\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Productverbeteringsonderzoek (HKLM\...\{0406AD49-066E-4418-849C-1FFF3DA7D9DC}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510d series Basissoftware van het apparaat (HKLM\...\{FA311D0D-EC05-44E7-82D5-FAC9887AB960}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510d series Haelp (HKLM\...\{E59ADA18-03DB-44F5-9EF5-0FA25E4D4384}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510d series Productverbeteringsonderzoek (HKLM\...\{2164CC25-F6FA-4F5A-9F68-BDDBCBEF1F4B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTID (HKLM\...\HTID) (Version: - )
InertiaTrader EURUSD M5 (HKLM\...\{370C5EF8-FBDB-679C-F67B-090A54FDF685}) (Version: 1.0.0.0 - InertiaTrader.com)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
IQ Option (HKLM\...\IQ Option) (Version: 1.0 - IQOption)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodi (HKCU\...\Kodi) (Version: - XBMC-Foundation)
Ladbrokes Poker (HKCU\...\Ladbrokes.be Poker) (Version: - )
Levelator (HKLM\...\Levelator) (Version: - )
Lynda.com Desktop App (HKCU\...\6043ff57df569209) (Version: 1.3.1.87 - Lynda.com)
Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
MetaTrader 4 (HKLM\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 Admiral Markets AS (HKLM\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Screen Capture Studio 4 (HKLM\...\Movavi Screen Capture Studio 4) (Version: 4.3.3 - MOVAVI)
Movie Maker (HKLM\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2015 (HKLM\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero Burning Core (HKLM\...\{2B3D9A2C-581B-4CE4-B16A-82BB2A8A0A39}) (Version: 16.0.11000 - Nero AG) Hidden
Nero Burning ROM (HKLM\...\{B3756FCF-13D3-460B-88D5-33CB88CE6CFA}) (Version: 16.0.11000 - Nero AG) Hidden
Nero Burning ROM_Nero Express (HKLM\...\Nero Burning ROM_Nero Express) (Version: - )
Nero BurningROM 2015 (HKLM\...\{0F450417-F5B1-4D9C-B93B-4DC81F3EA954}) (Version: 16.0.01600 - Nero AG)
Nero ControlCenter (HKLM\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.2.0008 - Nero AG) Hidden
Nero Core Components (HKLM\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.4.0012 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 16.0.10002 - Nero AG) Hidden
Nero Effects Basic (HKLM\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 16.0.10002 - Nero AG) Hidden
Nero Info (HKLM\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 16.0.10002 - Nero AG) Hidden
Nero Launcher (HKLM\...\{9D780839-6E97-4E2A-A5F7-711AF221B609}) (Version: 16.0.8000 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 16.0.10002 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.16006 - Nero AG) Hidden
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video Samples (HKLM\...\{05C6B128-1B40-4495-9CB9-090B368BFA0A}) (Version: 16.0.10002 - Nero AG) Hidden
NoaFX Trader (HKLM\...\NoaFX Trader) (Version: 4.00 - MetaQuotes Software Corp.)
Nuke 8.0v1 (HKLM\...\Nuke 8.0v1_is1) (Version: - The Foundry)
NVIDIA Grafisch stuurprogramma 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM\...\{E8A54536-FC41-45AB-9E24-114A0127118C}) (Version: 4.10.9764 - Apache Software Foundation)
Photo Common (HKLM\...\{C3538BF4-735B-45F3-B09E-C541A007E4E8}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM\...\{F4DEB840-B638-4BCE-AC6B-057EF31E0012}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PokerStars.be (HKLM\...\PokerStars.be) (Version: - PokerStars.be)
PokerTracker 4 (remove only) (HKLM\...\PokerTracker4) (Version: - )
PostgreSQL 8.4 (HKLM\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PowerISO (HKLM\...\PowerISO) (Version: 6.7 - Power Software Ltd)
Prerequisite installer (HKLM\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapid Dollar System (HKLM\...\Rapid Dollar System) (Version: - )
RARBG Player (remove only) (HKLM\...\RARBG Player) (Version: - )
RealFlow 2014 (HKLM\...\RealFlow 2014) (Version: - )
Robbie's Reversals (HKLM\...\{37170A7A-651E-E83E-1A73-721CAA81EB4B}) (Version: 1.7.0.0 - Trade with Robbie)
ROULETTE INTERCEPTOR (HKLM\...\ROULETTE INTERCEPTOR) (Version: - )
ROULETTE INTERCEPTOR 3.0 (HKLM\...\ROULETTE INTERCEPTOR 3.0) (Version: - )
Roulette Sniper Version 2.0 (HKLM\...\{91FA5123-41A2-401D-9A60-7A0E075A9A5E}) (Version: 2.00.0000 - Roulette Sniper)
Roulette Xtreme 2.0 (HKLM\...\{27BB3F5D-CC40-5B41-DCF2-C759CFD38A8D}) (Version: 2.4.3.52 - UX Software)
SafeZone Stable 1.51.2220.62 (HKLM\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scalper Mastery X (HKLM\...\Scalper Mastery X) (Version: - )
ScalpTraderPRO 2.70 (HKLM\...\ScalpTraderPRO) (Version: 2.70 - ScalpraderPRO.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.31276 - Smilebox, Inc.)
Soccer Match Predictor 1.6.7 (Demo Version) (HKLM\...\Soccer_0) (Version: 1.6.7 (Demo Version) - NeuralBet)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Swing Trader PRO (HKLM\...\Swing Trader PRO) (Version: - )
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TC2000 v16 (HKCU\...\TC2000 v16 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TC2000 v16 (HKLM\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Tickmill MT4 Client Terminal (HKLM\...\Tickmill MT4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
Todbot version 2.21 (HKLM\...\{6A07C805-00FF-437E-A7E9-283BB1A6FA8C}_is1) (Version: 2.21 - Cardinal)
Tournament Indicator 2.2.4 (HKLM\...\Tournament Indicator_is1) (Version: - http://www.TournamentIndicator.com)
Traders Way MetaTrader 4 (HKLM\...\Traders Way MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vicon boujou 5.0.2 (HKLM\...\{C071157F-AB34-4D3F-A0DF-9AC544B3732E}) (Version: 5.0.2 - Vicon Motion Systems)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VT Trader (HKCU\...\VT Trader) (Version: - VT Systems, LLC)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
Win@Baccarat Online with the Predictor System 6.2.10 (HKLM\...\Win@Baccarat Online with the Predictor System fo~A847703F_is1) (Version: 6.2.10 - Smart Casino Player, Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winner Poker (HKCU\...\winnerpoker) (Version: - )
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E6}) (Version: 19.0.11294 - WinZip Computing, S.L. )
WSOP.com (HKLM\...\WSOP.com) (Version: - )
XM MT4 (HKLM\...\XM MT4) (Version: 4.00 - MetaQuotes Software Corp.)
ZBrush 4R7 (HKLM\...\ZBrush 4R7 4R7) (Version: 4R7 - Pixologic)
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

========================= Devices: ================================

Name: ExpressVPN Tap Adapter
Description: ExpressVPN Tap Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Device ID: ROOT\NET\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ACPI\WEC1040\4&891F657&0
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: FingerPrinter Reader
Description: FingerPrinter Reader
Class Guid:
Manufacturer:
Service:
Device ID: USB\VID_1C7A&PID_0801\00000000000006
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 3066.84 MB
Available physical RAM: 2018.58 MB
Total Virtual: 6132 MB
Available Virtual: 3576 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:461.67 GB) (Free:57.09 GB) NTFS
4 Drive g: (20130910_101536) (CDROM) (Total:1.62 GB) (Free:0 GB) CDFS

========================= Users: ========================================

Gebruikersaccounts voor \\PAT-PC

Administrator Gast Pat
postgres UpdatusUser
De opdracht is voltooid.

========================= Minidump Files ==================================

C:\Windows\Minidump\011317-44600-01.dmp
========================= Restore Points ==================================

18-02-2017 20:29:19 Windows Update

**** End of log ****
 
Remove Java via Start, Control Panel, Programs and Features.
The Java in your Windows is ancient, so the security risk is high.
After removing it, you must restart your notebook.


Download
Farbar Recovery Scan Tool, 32 or 64 bit, from one of the links below
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Download location: This program absolutely must be downloaded to the desktop, or else moved there!
Notes: All open programs and web pages must be closed.

Antivirus programs and active malware scanners must already be deactivated before you start FRST.exe!
Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

Starting FRST:
  • Windows 2000 and Windows XP: double-click FRST.exe.
  • Windows Vista, Windows 7, Windows 8/8.1 and Windows 10: right-click FRST.exe or FRST64.exe and choose "Run as Administrator".

FRST starts:
  • Once the program has opened, click the Yes button at the disclaimer.
  • Then press the Scan button.
  • Next, two log files, FRST.txt and Addition.txt, will be created and saved on the desktop.
  • Post the contents of both log files in your next message.

In case the contents of one or both of the logs are too large to post, look here: How do I add an attachment?
 
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie: 19-02-2017
Gestart door Pat (Beheerder) op PAT-PC (21-02-2017 15:50:09)
Gestart vanaf C:\Users\Pat\Desktop
Geladen Profielen: Pat & postgres & UpdatusUser (Beschikbare Profielen: Pat & postgres & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
(Reprise Software Inc.) C:\Program Files\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
() C:\Program Files\ExpressVPN\xvpnd\xvpnd.exe
() C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Farbar) C:\Users\Pat\Desktop\FRST (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [406664 2016-10-02] (Power Software Ltd)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-12-30] (Samsung Electronics)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3731728 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [Gyazo] => C:\Program Files\Gyazo\GyStation.exe [5077792 2017-02-03] (Nota Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [SmileboxTray] => C:\Users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe [350152 2017-01-30] (Smilebox, Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [ExpressVPN4] => C:\Program Files\ExpressVPN\xvpn-ui\ExpressVpn.exe [807928 2016-12-15] (ExpressVPN)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restrictie - Windows Defender <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

ProxyServer: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
AutoConfigURL: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{64A09E13-98C1-4260-AA80-1641DF14C1A3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66A104D6-A509-4ADE-9538-069138875F96}: [DhcpNameServer] 10.16.0.1
Tcpip\..\Interfaces\{FF9AC627-4C0F-4D7F-AED8-D6BCB97B6EC2}: [DhcpNameServer] 195.130.131.5 195.130.130.5

Internet Explorer:
==================
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3375664254-514751222-1770273801-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649 [2017-02-21]
FF Extension: (MEGA) - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649\Extensions\firefox@mega.co.nz.xpi [2016-08-19]
FF Extension: (Belgium eID) - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-04-27] [niet getekend]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [Geen bestand]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.be/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=INCOH2&PC=IC03&PTAG=ICO-ca195f9e&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search provided by bing.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Presentaties) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-19]
CHR Extension: (Google Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-19]
CHR Extension: (Google Drive) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-19]
CHR Extension: () - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Spreadsheets) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-19]
CHR Extension: (Offline Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (TradingView Free Quotes and Chat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommjfbdmijjlbhlhnnnfkmbnkpnjpipj [2016-03-29]
CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-08] (Adobe Systems) [Bestand niet getekend]
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2541248 2016-12-28] (Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-27] (Disc Soft Ltd)
R2 ExpressVpnService; C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe [294912 2016-12-15] () [Bestand niet getekend]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2015-10-28] (Flexera Software, Inc.)
S2 Foundry FLEXlm Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [1392016 2012-10-30] (Acresso Software Inc.)
R2 Foundry License Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [1474560 2015-04-17] (Reprise Software Inc.) [Bestand niet getekend]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 mi-raysat_3dsmax2010_32; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [86016 2009-03-12] () [Bestand niet getekend]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Bestand niet getekend]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996336 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [17304 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [73968 2017-01-05] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [65344 2016-09-24] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 cpuz140; C:\Users\Pat\AppData\Local\Temp\cpuz140\cpuz140_x32.sys [44352 2017-02-21] (CPUID) <==== AANDACHT
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [25104 2015-04-27] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [123968 2016-10-02] (Power Software Ltd)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [23040 2016-12-15] (The OpenVPN Project)
S3 catchme; \??\C:\Users\Pat\AppData\Local\Temp\catchme.sys [X] <==== AANDACHT
S3 eapihdrv; \??\C:\Users\Pat\AppData\Local\Temp\ehdrv.sys [X] <==== AANDACHT
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Gemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-02-21 15:50 - 2017-02-21 15:52 - 00025154 _____ C:\Users\Pat\Desktop\FRST.txt
2017-02-21 14:49 - 2017-02-21 14:49 - 01764864 _____ (Farbar) C:\Users\Pat\Desktop\FRST (1).exe
2017-02-21 13:20 - 2017-02-21 13:20 - 00333526 _____ C:\Users\Pat\Documents\Scan0014.pdf
2017-02-21 13:19 - 2017-02-21 13:19 - 00326104 _____ C:\Users\Pat\Documents\Scan0003.pdf
2017-02-21 12:10 - 2017-02-21 12:11 - 00049561 _____ C:\Users\Pat\Desktop\MTB.txt
2017-02-21 11:29 - 2017-02-21 11:29 - 00000897 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-02-21 11:29 - 2017-02-21 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-02-21 11:28 - 2017-02-21 11:29 - 00000000 ____D C:\Program Files\Speccy
2017-02-21 11:26 - 2017-02-21 11:26 - 06293184 _____ (Piriform Ltd) C:\Users\Pat\Downloads\spsetup130.exe
2017-02-21 11:26 - 2017-02-21 11:26 - 00892416 _____ (Farbar) C:\Users\Pat\Desktop\MiniToolBox.exe
2017-02-21 09:57 - 2017-02-21 09:59 - 00080682 _____ C:\Users\Pat\Downloads\fxr_sr_zones_ver2.9.2.ex4
2017-02-21 09:39 - 2017-02-21 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ___RD C:\Program Files\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-20 13:38 - 2014-11-29 09:45 - 03984152 _____ C:\Users\Pat\Desktop\154940729-80-Percenter-Handbook (1).pdf
2017-02-20 12:42 - 2017-02-20 10:18 - 00196384 _____ C:\Users\Pat\Desktop\Robbie's Reversals.ex4
2017-02-20 10:18 - 2017-02-20 10:18 - 00000000 ____D C:\Users\Pat\AppData\Roaming\ROBBIE'S REVERSALS
2017-02-20 10:14 - 2017-02-20 10:15 - 40019859 _____ (Fx1 Inc) C:\Users\Pat\Downloads\RobbiesReversalsSetup-1-7.exe
2017-02-16 14:09 - 2017-02-16 14:10 - 00000000 ____D C:\Users\Pat\Desktop\trendreversalpoint
2017-02-16 14:05 - 2017-02-16 14:06 - 00014056 _____ C:\Users\Pat\Downloads\trendreversalpoints (1).zip
2017-02-16 11:24 - 2017-02-16 11:24 - 00000000 ____D C:\Users\Pat\Desktop\crack
2017-02-16 11:23 - 2017-02-16 11:23 - 00611294 _____ C:\Users\Pat\Downloads\crack.zip
2017-02-16 11:22 - 2017-02-16 11:22 - 00002177 _____ C:\Users\Public\Desktop\Soccer Match Predictor Demo.lnk
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuralBet
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\Program Files\NeuralBet
2017-02-16 11:20 - 2017-02-16 11:20 - 24157020 _____ (NeuralBet) C:\Users\Pat\Downloads\smp.exe
2017-02-16 10:40 - 2017-02-16 10:40 - 20522250 _____ (CgmBet ) C:\Users\Pat\Downloads\CgmBetSetup (1).exe
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTID
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\Program Files\HTID
2017-02-15 11:24 - 2017-02-15 11:24 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-02-13 01:51 - 2017-02-13 01:51 - 00044473 _____ C:\Users\Pat\Downloads\RSI_Extreme_Binary_System.rar
2017-02-09 16:20 - 2017-02-09 16:21 - 00177394 _____ C:\Users\Pat\Downloads\2be064a0-9b6b-4423-a482-072346dd78b8.pkpass
2017-02-08 23:29 - 2017-02-08 23:29 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f (1).pkpass
2017-02-08 22:29 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Desktop\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:13 - 2017-02-08 22:13 - 00161854 _____ C:\Users\Pat\Desktop\Confirmation.pdf
2017-02-08 22:08 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177393 _____ C:\Users\Pat\Downloads\e65581be-b978-438c-8211-9b8a70ddd4ef.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177392 _____ C:\Users\Pat\Downloads\b220a597-d6fe-4acc-a8ff-421258045cb6.pkpass
2017-02-01 19:23 - 2017-02-01 19:23 - 00002005 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-01 19:23 - 2017-02-01 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-31 23:50 - 2017-01-31 23:50 - 00050511 _____ C:\Users\Pat\Downloads\SYSTEMS 1 TO 5 (1).xlsx
2017-01-31 23:37 - 2017-02-06 09:05 - 00000000 ____D C:\Users\Pat\Desktop\bettingsoftware
2017-01-28 12:15 - 2017-01-28 12:15 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:15 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Desktop\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:12 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-27 22:46 - 2017-01-27 22:46 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-27 22:41 - 2017-01-27 22:41 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-25 23:32 - 2017-01-25 23:33 - 00041660 _____ C:\Users\Pat\Downloads\PZ_DoubleTopBottom.ex4

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-02-21 15:50 - 2015-12-23 17:41 - 00000000 ____D C:\FRST
2017-02-21 15:24 - 2014-12-07 17:27 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:43 - 2015-04-17 20:51 - 00000000 ____D C:\ProgramData\Reprise
2017-02-21 14:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-21 14:37 - 2013-10-13 14:13 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Skype
2017-02-21 13:20 - 2010-11-21 00:57 - 00745674 _____ C:\Windows\system32\perfh013.dat
2017-02-21 13:20 - 2010-11-21 00:57 - 00153594 _____ C:\Windows\system32\perfc013.dat
2017-02-21 13:20 - 2010-11-20 22:01 - 01669560 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-21 13:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-21 10:29 - 2014-06-01 16:35 - 00000000 ____D C:\Users\Pat\AppData\Local\Adobe
2017-02-21 09:41 - 2013-10-13 14:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-21 09:35 - 2014-10-11 18:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-20 13:41 - 2016-11-18 16:34 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Vantage FX Trader
2017-02-20 13:41 - 2015-10-27 14:37 - 00593920 _____ (Fx1 Inc) C:\Windows\Metasetup.dll
2017-02-20 11:35 - 2016-11-08 23:39 - 00000000 ____D C:\Program Files\FBS Trader 4
2017-02-20 11:35 - 2016-08-14 18:10 - 00000000 ____D C:\Program Files\Traders Way MetaTrader 4
2017-02-20 10:18 - 2016-03-16 19:28 - 00000000 ____D C:\Program Files\NoaFX Trader
2017-02-19 15:39 - 2016-03-28 08:43 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Kodi
2017-02-19 09:52 - 2016-03-28 09:08 - 00000000 ____D C:\Users\UpdatusUser
2017-02-19 09:47 - 2014-11-02 14:42 - 00000000 ____D C:\Users\postgres
2017-02-17 09:18 - 2016-10-17 19:46 - 00000000 ____D C:\Program Files\TrueKey
2017-02-16 18:06 - 2016-10-17 19:58 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-16 00:18 - 2015-12-24 15:37 - 00000000 ____D C:\Windows\rescache
2017-02-15 11:24 - 2014-09-09 22:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-02-15 11:24 - 2013-11-29 20:37 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-02-15 11:24 - 2013-11-29 20:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 13:24 - 2015-04-28 10:42 - 00000000 ____D C:\Program Files\Gyazo
2017-02-08 22:12 - 2013-10-16 09:21 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Adobe
2017-02-07 15:31 - 2016-03-19 19:36 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 15:31 - 2016-03-19 19:36 - 00002109 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 15:19 - 2016-12-24 10:11 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Smilebox
2017-02-01 19:23 - 2016-10-17 19:47 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Bestanden in de root van sommige mappen =======

2016-03-19 19:35 - 2016-03-19 19:35 - 6871040 _____ () C:\Program Files\GUT1CFF.tmp
2015-02-14 11:23 - 2015-02-14 11:23 - 0001222 _____ () C:\Program Files\suit.log
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 ____H () C:\Users\Pat\AppData\Local\BITE9B2.tmp
2015-02-14 22:16 - 2015-02-14 22:16 - 0007602 _____ () C:\Users\Pat\AppData\Local\Resmon.ResmonCfg
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 _____ () C:\Users\Pat\AppData\Local\{94A47416-2072-4DC4-87C8-333D4FF2E49F}
2014-12-27 18:34 - 2014-12-27 18:34 - 0000107 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-09-03 12:46 - 2016-09-03 12:46 - 0004970 _____ () C:\ProgramData\xgneqrwu.hrx

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2017-02-16 00:10

==================== Eind van FRST.txt ============================


Extra scanresultaten van Farbar Recovery Scan Tool (x86) Versie: 19-02-2017
Gestart door Pat (21-02-2017 15:53:26)
Gestart vanaf C:\Users\Pat\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-10-13 13:02:19)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3375664254-514751222-1770273801-500 - Administrator - Disabled)
Gast (S-1-5-21-3375664254-514751222-1770273801-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3375664254-514751222-1770273801-1002 - Limited - Enabled)
Pat (S-1-5-21-3375664254-514751222-1770273801-1000 - Administrator - Enabled) => C:\Users\Pat
postgres (S-1-5-21-3375664254-514751222-1770273801-1004 - Limited - Enabled) => C:\Users\postgres
UpdatusUser (S-1-5-21-3375664254-514751222-1770273801-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

5KPlayer 2.2 (HKLM\...\5KPlayer_is1) (Version: - DearMob, Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe After Effects 7.0 (HKLM\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
AmericasCardroom (HKLM\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk 3ds Max 2010 32-bit (HKLM\...\{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 32-bit Components (HKLM\...\{60A08432-00DD-0409-AC2C-143C75460878}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 Tutorials Files (HKLM\...\{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}) (Version: 12.0 - Autodesk)
Autodesk Backburner 2008.1 (HKLM\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1.1 - Autodesk, Inc.)
Autodesk FBX Plugin 2009.4 - 3ds Max 2010 (HKLM\...\Autodesk FBX Plugin 2009.4 - 3ds Max 2010) (Version: - Autodesk)
Autodesk FBX Plug-in 2013.1 - Maya 2013 (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013) (Version: - Autodesk)
Autodesk Maya 2013 32-bit (HKLM\...\Autodesk Maya 2013 32-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 32-bit (Version: 15.0.0.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
BackgammonMasters Client (HKLM\...\BackgammonMasters_is1) (Version: - )
Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{4DDF16AE-8D5D-4027-A2D1-8CBB498E1698}) (Version: 4.1.1698 - Belgian Government)
BGroom (HKLM\...\BGroom) (Version: - )
Binary Options Trader (HKLM\...\{2D38C785-05CE-4C1D-91DD-FC0AC07EE191}) (Version: 1.4.0 - TradeTools FX)
BlackChipPoker (HKLM\...\FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82) (Version: 16.6 - IGSoft)
Blender (HKLM\...\{4DB84B5C-A382-43A3-AC58-320747DDA983}) (Version: 2.78.1 - Blender Foundation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
CameraTracker 1.0v9-CC for AE (HKLM\...\CameraTracker 1.0v9-CC for AE_is1) (Version: - The Foundry)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Click Install if prompted (Version: 1.0.0.0 - ExpressVpn) Hidden
Core FTP LE (HKLM\...\CoreFTP) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Earth & Sky Forex System Installer 2014 Pierre Du Plessis (HKLM\...\Earth & Sky Forex System Installer 2014 Pierre Du Plessis) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
EuroMillions Generator version 1.0.1 (HKLM\...\{7DB5DEDA-2533-496B-A544-5100828C6350}_is1) (Version: 1.0.1 - Dmitrijs Volkovs, Esmistudio.com)
ExpressVPN (Version: 6.0.5.1061 - ExpressVPN) Hidden
eXtreme Gammon 2 (HKLM\...\{2F5AF5E1-E021-4832-A423-EF480EC58A0B}_is1) (Version: 2.10 - GameSite 2000, Ltd.)
FBS Trader 4 (HKLM\...\FBS Trader 4) (Version: 4.00 - MetaQuotes Software Corp.)
File Association Helper (HKLM\...\{8975E3CB-A762-4B14-BD62-A3972A098E82}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
FLT 7.0v2 (HKLM\...\FLT 7.0v2_is1) (Version: - The Foundry)
Forex Income Boss SRT Profit System (HKLM\...\Forex Income Boss SRT Profit System) (Version: - )
Forex Lines 7 + Forex Lines EA (HKLM\...\Forex Lines 7 + Forex Lines EA) (Version: - )
ForexProfitBoost (HKLM\...\ForexProfitBoost) (Version: - )
FreshForex Terminal (HKLM\...\FreshForex Terminal) (Version: 6.00 - MetaQuotes Software Corp.)
FX Triple Profit (HKLM\...\FX Triple Profit) (Version: - )
FXNewsAlert v3.2 (HKLM\...\{6B910800-2D4E-4093-B6F1-A212BEAF1FB8}) (Version: 3.2 - FXNewsAlert)
GNU Backgammon (MAIN branch, 20121023 code) (HKLM\...\GNU Backgammon_is1) (Version: - Free Software Foundation)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Governor of Poker (HKLM\...\{6972FD5E-01D0-4742-8EB0-A0D351CF28FF}) (Version: 1.0.0 - Youdagames)
Governor of Poker 2 (HKLM\...\Governor of Poker 21.0) (Version: 1.0 - Foxy Games)
GoWin!The Football Forecaster Deluxe Edition 2016 (HKLM\...\GoWin!The Football Forecaster Deluxe Edition 2016) (Version: 2016 - GoWin! Software)
Gyazo 3.3.0 (HKLM\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Holdem Indicator 2.5.3 (HKLM\...\Holdem Indicator_is1) (Version: - hxxp://www.HoldemIndicator.com)
Holdem Manager 2 (HKLM\...\HoldemManager2) (Version: - )
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5510 series Basissoftware van het apparaat (HKLM\...\{499DF7DD-0CEB-40ED-AEEF-3C3F92DE2719}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Haelp (HKLM\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Productverbeteringsonderzoek (HKLM\...\{0406AD49-066E-4418-849C-1FFF3DA7D9DC}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510d series Basissoftware van het apparaat (HKLM\...\{FA311D0D-EC05-44E7-82D5-FAC9887AB960}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510d series Haelp (HKLM\...\{E59ADA18-03DB-44F5-9EF5-0FA25E4D4384}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510d series Productverbeteringsonderzoek (HKLM\...\{2164CC25-F6FA-4F5A-9F68-BDDBCBEF1F4B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTID (HKLM\...\HTID) (Version: - )
InertiaTrader EURUSD M5 (HKLM\...\{370C5EF8-FBDB-679C-F67B-090A54FDF685}) (Version: 1.0.0.0 - InertiaTrader.com)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
IQ Option (HKLM\...\IQ Option) (Version: 1.0 - IQOption)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Kodi) (Version: - XBMC-Foundation)
Ladbrokes Poker (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Ladbrokes.be Poker) (Version: - )
Levelator (HKLM\...\Levelator) (Version: - )
Lynda.com Desktop App (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\6043ff57df569209) (Version: 1.3.1.87 - Lynda.com)
Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
MetaTrader 4 (HKLM\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 Admiral Markets AS (HKLM\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Screen Capture Studio 4 (HKLM\...\Movavi Screen Capture Studio 4) (Version: 4.3.3 - MOVAVI)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2015 (HKLM\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero Burning ROM_Nero Express (HKLM\...\Nero Burning ROM_Nero Express) (Version: - )
Nero BurningROM 2015 (HKLM\...\{0F450417-F5B1-4D9C-B93B-4DC81F3EA954}) (Version: 16.0.01600 - Nero AG)
NoaFX Trader (HKLM\...\NoaFX Trader) (Version: 4.00 - MetaQuotes Software Corp.)
Nuke 8.0v1 (HKLM\...\Nuke 8.0v1_is1) (Version: - The Foundry)
NVIDIA Grafisch stuurprogramma 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM\...\{E8A54536-FC41-45AB-9E24-114A0127118C}) (Version: 4.10.9764 - Apache Software Foundation)
PokerStars.be (HKLM\...\PokerStars.be) (Version: - PokerStars.be)
PokerTracker 4 (remove only) (HKLM\...\PokerTracker4) (Version: - )
PostgreSQL 8.4 (HKLM\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PowerISO (HKLM\...\PowerISO) (Version: 6.7 - Power Software Ltd)
Prerequisite installer (Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapid Dollar System (HKLM\...\Rapid Dollar System) (Version: - )
RARBG Player (remove only) (HKLM\...\RARBG Player) (Version: - )
RealFlow 2014 (HKLM\...\RealFlow 2014) (Version: - )
Robbie's Reversals (HKLM\...\{37170A7A-651E-E83E-1A73-721CAA81EB4B}) (Version: 1.7.0.0 - Trade with Robbie)
ROULETTE INTERCEPTOR (HKLM\...\ROULETTE INTERCEPTOR) (Version: - )
ROULETTE INTERCEPTOR 3.0 (HKLM\...\ROULETTE INTERCEPTOR 3.0) (Version: - )
Roulette Sniper Version 2.0 (HKLM\...\{91FA5123-41A2-401D-9A60-7A0E075A9A5E}) (Version: 2.00.0000 - Roulette Sniper)
Roulette Xtreme 2.0 (HKLM\...\{27BB3F5D-CC40-5B41-DCF2-C759CFD38A8D}) (Version: 2.4.3.52 - UX Software)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scalper Mastery X (HKLM\...\Scalper Mastery X) (Version: - )
ScalpTraderPRO 2.70 (HKLM\...\ScalpTraderPRO) (Version: 2.70 - ScalpraderPRO.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Smilebox (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Smilebox) (Version: 1.0.0.31276 - Smilebox, Inc.)
Soccer Match Predictor 1.6.7 (Demo Version) (HKLM\...\Soccer_0) (Version: 1.6.7 (Demo Version) - NeuralBet)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Swing Trader PRO (HKLM\...\Swing Trader PRO) (Version: - )
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TC2000 v16 (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\TC2000 v16 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TC2000 v16 (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Tickmill MT4 Client Terminal (HKLM\...\Tickmill MT4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
Todbot version 2.21 (HKLM\...\{6A07C805-00FF-437E-A7E9-283BB1A6FA8C}_is1) (Version: 2.21 - Cardinal)
Tournament Indicator 2.2.4 (HKLM\...\Tournament Indicator_is1) (Version: - hxxp://www.TournamentIndicator.com)
Traders Way MetaTrader 4 (HKLM\...\Traders Way MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Unity Web Player (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vicon boujou 5.0.2 (HKLM\...\{C071157F-AB34-4D3F-A0DF-9AC544B3732E}) (Version: 5.0.2 - Vicon Motion Systems)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VT Trader (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\VT Trader) (Version: - VT Systems, LLC)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
Win@Baccarat Online with the Predictor System 6.2.10 (HKLM\...\Win@Baccarat Online with the Predictor System fo~A847703F_is1) (Version: 6.2.10 - Smart Casino Player, Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winner Poker (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\winnerpoker) (Version: - )
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E6}) (Version: 19.0.11294 - WinZip Computing, S.L. )
WSOP.com (HKLM\...\WSOP.com) (Version: - )
XM MT4 (HKLM\...\XM MT4) (Version: 4.00 - MetaQuotes Software Corp.)
ZBrush 4R7 (HKLM\...\ZBrush 4R7 4R7) (Version: 4R7 - Pixologic)
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{40D7C9AD-E126-4D66-A5FE-B9D589DC3C84}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\widgets\minigames\minigamesctrl.ocx (Playtech Ltd. All rights reserved.)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{492042A2-4432-44A1-9A39-85B2D3C0119E}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{9642D229-6B2E-49FD-B6BB-43B37BD97B6B}\localserver32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\PTContainerOle.exe (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165}\InprocServer32 -> C:\Program Files\thinkorswim\nptossc.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\postgres\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\Pat\AppData\Local\Chrome\Application\41.0.2231.0\delegate_execute.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165}\InprocServer32 -> C:\Program Files\thinkorswim\nptossc.dll => Geen bestand

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0443B391-AB6C-4C52-8263-7B368F0DAFA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {1755773A-6DE5-4894-BABD-E670FA6B0C73} - System32\Tasks\{907F642C-DB53-4DA9-967D-031C9AA6A748} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.85.101/nl/abandoninstall?page=tsProgressBar
Task: {19003073-8E5D-432B-A587-1E899132303D} - \Upload Installer Service -> Geen bestand <==== AANDACHT
Task: {1CAD3E39-C408-4BF9-A929-22BE6A6E3DC5} - System32\Tasks\{8441BC88-55CB-4B73-8EBA-0BA79D560AF8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.3.59.101/nl/abandoninstall?page=tsProgressBar
Task: {1E0CC3AF-09FC-4E07-9088-3A96A66ABD34} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {220C838E-FD90-46C6-A231-8581E4AB2C15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2E6D9F1B-A763-451E-91E8-90EBD2DEFDDE} - System32\Tasks\{8E55F1B7-DA14-4A0F-B0A0-554E3A7B135C} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/nl/abandoninstall?page=tsProgressBar
Task: {31F0863A-CA26-43EC-9AE5-682501B2F665} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files\Gyazo\GyazoUpdate.exe [2017-02-03] ()
Task: {378DD419-4FC9-42E4-9DF3-7ED38261706E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {420915A0-A8FB-48EB-BAD0-1DAB0F305A4A} - System32\Tasks\{62128EE0-21CD-423F-A80E-BB2C9AAC6E17} => pcalua.exe -a C:\Users\Pat\Videos\area51\areafx51\areafx51.exe -d C:\Users\Pat\Videos\area51\areafx51
Task: {4CECF071-785D-46D5-950A-D515C74A4FFC} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {54DC2DAB-F71F-4518-8BB2-27DF9AB56948} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {54E20AD0-F8C3-424E-972B-46BBF82AF172} - System32\Tasks\FreeSomeSpace => c:\programdata\{8f2084c4-7349-992d-8f20-084c47341311}\5342187705976337630e.exe <==== AANDACHT
Task: {5CBA8B03-40CE-4C29-BF7B-222811661F5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {5FB2DD2E-2237-4ACF-8E40-6E5541FAC8C2} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files\Gyazo\GyazoUpdate.exe [2017-02-03] ()
Task: {64B501A6-62D0-4839-B099-9F4C9264BD7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {703625B2-C8F5-476D-82A6-6CEDFE453F0E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7D0C928F-8753-4C7E-A753-C83932C94D48} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {8A0FCC73-E42E-4481-B230-E48515DDEF55} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {9DF534C3-CA2C-470C-9245-4AD348336507} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {9E90B722-B7AC-45B4-BD40-023953E63FE1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software)
Task: {A325EFC6-DC31-47A1-A225-57E9C9D0893E} - \LuckyTab -> Geen bestand <==== AANDACHT
Task: {A566FE49-BF9A-4CD5-A0E0-183A87F35939} - System32\Tasks\{2682A35E-8F6B-490D-80B4-9C0B75786039} => pcalua.exe -a C:\Users\uninstall.exe
Task: {A9EBE2C7-DC51-47A1-BA9B-29D2DE981852} - System32\Tasks\{30CEF4AB-41AA-4367-9AD2-224E33DAF752} => C:\Program Files\Nuke8.0v1\Nuke8.0.exe [2013-12-02] ()
Task: {AFCC8D2C-18DB-4408-BD8D-2863986684E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {B097DBE6-B545-47BB-96B3-A7F5343C9605} - System32\Tasks\HPCustParticipation HP Photosmart 5510d series => C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B0E77B7C-85CC-4AEE-87DD-FCBDC6E6A7C8} - System32\Tasks\{347AD8E2-392C-4915-A277-436370805DF9} => pcalua.exe -a "C:\Program Files\salEprIzeeS\oNQkZgyP71EtVK.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {B4A392F2-AB7C-48F8-BBEF-585241012289} - System32\Tasks\{2DA241DA-602E-4ADC-8BF5-FFBE1A34641F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.0.101/nl/abandoninstall?page=tsProgressBar
Task: {B7222754-C90C-4484-B66E-287ED863601D} - System32\Tasks\SafeZone scheduled Autoupdate 1466093125 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C59E7673-C9DD-4DEC-9D2C-8398988114D4} - System32\Tasks\{2B4CD43E-96FB-4E8B-9906-A17C4A6AC4E1} => pcalua.exe -a "C:\Users\Pat\Pictures\goldeneye profit\GoldenEye.exe" -d "C:\Users\Pat\Pictures\goldeneye profit"
Task: {D172CC70-969C-4064-8225-7DC6E5C77829} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {D4DC79F8-635E-4F1C-BFAF-EFF758ABC162} - \SmartWeb Upgrade Trigger Task -> Geen bestand <==== AANDACHT
Task: {DE9D2595-8981-43C7-A979-CCC216A85E30} - \DNSMOHAWK -> Geen bestand <==== AANDACHT
Task: {F6F42581-D0C7-40AC-8AF6-29617DA245D4} - System32\Tasks\Admin Checker => C:\Users\Pat\AppData\Roaming\Admin Checker\Admin Checker.exe <==== AANDACHT

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

==================== Geladen Modules (gefilterd) ==============

2016-03-28 09:08 - 2013-08-30 00:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2016-09-08 20:54 - 2016-09-08 20:54 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-21 10:32 - 2017-02-21 10:32 - 05876224 _____ () C:\Program Files\AVAST Software\Avast\defs\17022100\algo.dll
2016-09-08 20:54 - 2016-09-08 20:54 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2016-12-15 10:45 - 2016-12-15 10:45 - 00294912 _____ () C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
2016-12-15 10:48 - 2016-12-15 10:48 - 08913400 _____ () C:\Program Files\ExpressVPN\xvpnd\xvpnd.exe
2016-12-15 10:49 - 2016-12-15 10:49 - 00445944 _____ () C:\Program Files\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll
2009-03-12 16:36 - 2009-03-12 16:36 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
2014-11-02 14:41 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-11-02 14:42 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 01029280 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2016-12-24 01:14 - 2016-12-24 01:14 - 00679624 _____ () C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CEF\libegl.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


==================== Hosts Inhoud: ==========================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 03:04 - 2017-02-01 19:23 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.1 mssplus.mcafee.com

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.130.131.5 - 195.130.130.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{3BEF0306-7EF1-4D3A-8B62-4CBAB110F087}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{8E07FB81-1AE4-4036-8697-E0E248F0B10A}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [{50F6B962-4BD0-4E60-B84B-2D176B63CAFD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{5DECAF2E-A9F2-4BA6-850A-42EF27E005A4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CB3825C7-2EFC-4C8A-8EAC-BC08EDC49F8D}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{64AC0C81-F5F5-4AB1-AD58-1857A3927D62}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{5128922B-120B-4CE1-9F05-BDC43E25DF1D}] => (Allow) C:\Program Files\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{75AA2D65-92F9-4EDD-9630-26755F71AE86}] => (Allow) C:\Program Files\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{4351F824-3E11-4D09-81E4-0031CE9AAF43}] => (Allow) LPort=5432
FirewallRules: [{BA080125-ED85-4D9F-938E-004CB76FCEA4}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{88B398CF-67C5-4609-AF06-349481437672}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E63FED9C-A140-49CD-867A-7A6ECEAD25AD}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{3A00862E-73B5-4CD8-B2D5-5C3546568F2A}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AF9DD9F0-CCF9-4B3E-9ECE-E59F9AAAC0DF}] => (Allow) C:\Program Files\BurningRom\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{40963433-8FED-401A-A33A-F259FD52B8B6}] => (Allow) C:\Program Files\BurningRom\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{1DB72AAB-36F0-432D-AF9D-542E74E00F64}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\DeviceSetup.exe
FirewallRules: [{0D6B2F07-F861-4373-824F-B99E253B147F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A6F730A6-A61E-46FB-9110-9C7908E6934F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6A47E66D-5037-40FE-9784-1BBC0ABA5F1A}] => (Allow) C:\Users\Pat\AppData\Local\Chrome\Application\chrome.exe
FirewallRules: [{E3608F0F-707F-4715-98D3-3735447D1B57}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C18B6DB-8F2D-40CF-B055-9AC4C720369C}] => (Allow) LPort=2869
FirewallRules: [{A901A34D-021A-4310-9622-9AAEF5650112}] => (Allow) LPort=1900
FirewallRules: [{2C4B9989-44B3-48E7-B0C0-1BD615C03420}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{20AB0669-F8F7-408F-9B32-5DCDBA99C7C1}C:\program files\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{6CC611DE-B78E-4F61-A908-85BD3C8143B9}C:\program files\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{14960B79-D08E-4DF4-8814-6059E8ECECBD}] => (Allow) C:\Program Files\MetaTrader 5\metatester.exe
FirewallRules: [{79103592-8059-48B0-83AF-3C77E631B823}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8641D7FC-B35C-4369-B796-52DD25CA7645}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{7F56CA8D-BB73-4ABB-A02C-2F98612FCF59}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D66B7586-DE05-41D9-BDE3-4B89206E31B7}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7D959B0F-CE78-4EF4-B01C-98AF8C0891C1}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{DA01D585-D1DA-4D1E-90E8-EED3F392C94E}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{6B4844F5-EA3D-4C82-B4A2-A27B1A3E1BF0}] => (Allow) C:\Program Files\Autodesk\Backburner\monitor.exe
FirewallRules: [{A27253A0-21AC-4A48-AAC3-37BEA449EE1F}] => (Allow) C:\Program Files\Autodesk\Backburner\monitor.exe
FirewallRules: [{41E74B8D-5A09-40C2-A0B5-E4551BBB10AE}] => (Allow) C:\Program Files\Autodesk\Backburner\manager.exe
FirewallRules: [{A6469174-702D-42BF-B648-607F5553BCC7}] => (Allow) C:\Program Files\Autodesk\Backburner\manager.exe
FirewallRules: [{9B7E846F-9101-4A29-BD06-298A244D38D8}] => (Allow) C:\Program Files\Autodesk\Backburner\server.exe
FirewallRules: [{36B4E620-ABED-495D-B503-6576CAB9EC53}] => (Allow) C:\Program Files\Autodesk\Backburner\server.exe
FirewallRules: [{25091CB3-824B-4A8C-9A66-0DFF231B4852}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
FirewallRules: [{E67DC9F7-DBA7-479D-9776-895236046B11}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
FirewallRules: [{77C1BAC7-4080-4C5D-81E1-C255E7B6D2C4}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
FirewallRules: [{33F4B3A4-929D-45EF-A7C2-97695E154982}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
FirewallRules: [{6C23388A-E231-4232-8E1E-D7414D15ABF5}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe
FirewallRules: [{A787CFB9-44A0-4ABD-A74C-D2AB1E8F97C3}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe
FirewallRules: [{0EFCD9DD-410B-42D4-928C-8CD4FA7FFAA3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2B73F11-755C-4D2F-BAEB-DA3CAA63C535}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{112CA5F4-7B17-48DA-A6E0-3A921B70A541}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6B8CC7C9-9E67-4E54-98B4-ABF09FD2A8B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B2D2FD34-6EE6-4448-83CA-93EE52CC7098}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6BF784E0-0D17-445C-85C9-5A05A2573E2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{800F994B-F934-40AD-B9C9-82553993E527}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{705C64B7-3A7D-4143-8878-93C8F7CCC743}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{5CEB151E-BAE2-4C0F-BC7E-E60156294A88}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94893AE0-5D08-43FE-AAC1-B9C01C8591DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B6931E26-DA39-482D-A21B-29DAF81EF02C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{45A10545-06BD-4148-8B87-C2DCE39F95DF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{04A7BA3B-2FD6-4EEF-B9F1-030C2915422A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BC75CF57-450D-41EE-BF0F-2C4B990E8369}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{59CAFA30-5EF0-4743-BEE2-9B7D01BA6186}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EE81BA39-A7D4-4675-8152-34943C01CF8C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Herstelpunten =========================

18-02-2017 21:29:19 Windows Update
21-02-2017 13:35:45 Removed Java 7 Update 55
21-02-2017 14:32:07 Removed Java 7 Update 55

==================== Defecte Apparaatbeheer Apparaten =============

Name: ExpressVPN Tap Adapter
Description: ExpressVPN Tap Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: FingerPrinter Reader
Description: FingerPrinter Reader
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (02/21/2017 02:44:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma Explorer.EXE, versie 6.1.7601.23537 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: 5fc

Starttijd: 01d28c481c803212

Eindtijd: 0

Toepassingspad: C:\Windows\Explorer.EXE

Rapport-id: e03d562e-f83b-11e6-9898-001f16afe9ed

Error: (02/21/2017 02:44:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (02/21/2017 02:43:40 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-02-21 14:43:40 CETFATAL: the database system is starting up

Error: (02/21/2017 02:43:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: lmgrd.foundry.exe, versie: 10.8.7.0, tijdstempel: 0x47fe34e0
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0xe74
Starttijd van toepassing met fout: 0x01d28c486e3bbfee
Pad naar toepassing met fout: C:\Program Files\The Foundry\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe
Pad naar module met fout: unknown
Rapport-id: b89d04c4-f83b-11e6-9898-001f16afe9ed

Error: (02/21/2017 02:43:10 PM) (Source: nssm) (EventID: 1018) (User: )
Description: Failed to read registry value AppDirectory:
De bewerking is voltooid.

Error: (02/21/2017 02:28:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2297318

Error: (02/21/2017 02:28:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2297318

Error: (02/21/2017 02:28:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/21/2017 02:28:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2296303

Error: (02/21/2017 02:28:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2296303


Systeemfouten:
=============
Error: (02/21/2017 02:44:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Intel Security True Key-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.

Error: (02/21/2017 02:44:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Intel Security True Key.

Error: (02/21/2017 02:43:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Service Installer TrueKey-service kan vanwege de volgende fout niet worden gestart:
Het systeem kan het opgegeven bestand niet vinden.

Error: (02/21/2017 02:42:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (02/21/2017 02:37:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (02/21/2017 02:37:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {F9717507-6651-4EDB-BFF7-AE615179BCCF} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (02/21/2017 01:49:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: TrueKeyScheduler.

Error: (02/21/2017 10:35:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Windows Update-service is bij het starten vastgelopen.

Error: (02/21/2017 10:27:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Internet Connection Sharing (ICS)-service is bij het starten vastgelopen.

Error: (02/21/2017 10:25:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Service Installer TrueKey-service kan vanwege de volgende fout niet worden gestart:
Het systeem kan het opgegeven bestand niet vinden.


CodeIntegrity:
===================================
Date: 2016-08-01 08:03:06.479
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-01 08:03:06.307
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 22:17:09.210
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 22:17:08.976
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 21:55:13.616
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-25 21:55:13.429
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-24 13:07:04.903
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-24 13:07:04.622
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-17 17:24:51.446
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-07-17 17:24:51.321
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage geheugen in gebruik: 43%
Totaal fysiek RAM-geheugen: 3066.84 MB
Beschikbaar fysiek RAM-geheugen: 1719.3 MB
Totaal Virtueel geheugen: 6132 MB
Beschikbaar Virtual geheugen: 3885.61 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:461.67 GB) (Free:57.9 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00045FB4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=461.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4 GB) - (Type=05)

==================== Eind van Addition.txt ============================

--- Update ---

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie: 19-02-2017
Gestart door Pat (Beheerder) op PAT-PC (21-02-2017 15:50:09)
Gestart vanaf C:\Users\Pat\Desktop
Geladen Profielen: Pat & postgres & UpdatusUser (Beschikbare Profielen: Pat & postgres & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
(Reprise Software Inc.) C:\Program Files\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
() C:\Program Files\ExpressVPN\xvpnd\xvpnd.exe
() C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Farbar) C:\Users\Pat\Desktop\FRST (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [406664 2016-10-02] (Power Software Ltd)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-12-30] (Samsung Electronics)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3731728 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [Gyazo] => C:\Program Files\Gyazo\GyStation.exe [5077792 2017-02-03] (Nota Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [SmileboxTray] => C:\Users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe [350152 2017-01-30] (Smilebox, Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [ExpressVPN4] => C:\Program Files\ExpressVPN\xvpn-ui\ExpressVpn.exe [807928 2016-12-15] (ExpressVPN)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restrictie - Windows Defender <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

ProxyServer: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
AutoConfigURL: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{64A09E13-98C1-4260-AA80-1641DF14C1A3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66A104D6-A509-4ADE-9538-069138875F96}: [DhcpNameServer] 10.16.0.1
Tcpip\..\Interfaces\{FF9AC627-4C0F-4D7F-AED8-D6BCB97B6EC2}: [DhcpNameServer] 195.130.131.5 195.130.130.5

Internet Explorer:
==================
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3375664254-514751222-1770273801-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649 [2017-02-21]
FF Extension: (MEGA) - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649\Extensions\firefox@mega.co.nz.xpi [2016-08-19]
FF Extension: (Belgium eID) - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-04-27] [niet getekend]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [Geen bestand]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.be/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=INCOH2&PC=IC03&PTAG=ICO-ca195f9e&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search provided by bing.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Presentaties) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-19]
CHR Extension: (Google Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-19]
CHR Extension: (Google Drive) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-19]
CHR Extension: () - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Spreadsheets) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-19]
CHR Extension: (Offline Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (TradingView Free Quotes and Chat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommjfbdmijjlbhlhnnnfkmbnkpnjpipj [2016-03-29]
CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-08] (Adobe Systems) [Bestand niet getekend]
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2541248 2016-12-28] (Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-27] (Disc Soft Ltd)
R2 ExpressVpnService; C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe [294912 2016-12-15] () [Bestand niet getekend]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2015-10-28] (Flexera Software, Inc.)
S2 Foundry FLEXlm Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [1392016 2012-10-30] (Acresso Software Inc.)
R2 Foundry License Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [1474560 2015-04-17] (Reprise Software Inc.) [Bestand niet getekend]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 mi-raysat_3dsmax2010_32; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [86016 2009-03-12] () [Bestand niet getekend]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Bestand niet getekend]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996336 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [17304 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [73968 2017-01-05] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [65344 2016-09-24] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 cpuz140; C:\Users\Pat\AppData\Local\Temp\cpuz140\cpuz140_x32.sys [44352 2017-02-21] (CPUID) <==== AANDACHT
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [25104 2015-04-27] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [123968 2016-10-02] (Power Software Ltd)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [23040 2016-12-15] (The OpenVPN Project)
S3 catchme; \??\C:\Users\Pat\AppData\Local\Temp\catchme.sys [X] <==== AANDACHT
S3 eapihdrv; \??\C:\Users\Pat\AppData\Local\Temp\ehdrv.sys [X] <==== AANDACHT
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Gemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-02-21 15:50 - 2017-02-21 15:52 - 00025154 _____ C:\Users\Pat\Desktop\FRST.txt
2017-02-21 14:49 - 2017-02-21 14:49 - 01764864 _____ (Farbar) C:\Users\Pat\Desktop\FRST (1).exe
2017-02-21 13:20 - 2017-02-21 13:20 - 00333526 _____ C:\Users\Pat\Documents\Scan0014.pdf
2017-02-21 13:19 - 2017-02-21 13:19 - 00326104 _____ C:\Users\Pat\Documents\Scan0003.pdf
2017-02-21 12:10 - 2017-02-21 12:11 - 00049561 _____ C:\Users\Pat\Desktop\MTB.txt
2017-02-21 11:29 - 2017-02-21 11:29 - 00000897 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-02-21 11:29 - 2017-02-21 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-02-21 11:28 - 2017-02-21 11:29 - 00000000 ____D C:\Program Files\Speccy
2017-02-21 11:26 - 2017-02-21 11:26 - 06293184 _____ (Piriform Ltd) C:\Users\Pat\Downloads\spsetup130.exe
2017-02-21 11:26 - 2017-02-21 11:26 - 00892416 _____ (Farbar) C:\Users\Pat\Desktop\MiniToolBox.exe
2017-02-21 09:57 - 2017-02-21 09:59 - 00080682 _____ C:\Users\Pat\Downloads\fxr_sr_zones_ver2.9.2.ex4
2017-02-21 09:39 - 2017-02-21 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ___RD C:\Program Files\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-20 13:38 - 2014-11-29 09:45 - 03984152 _____ C:\Users\Pat\Desktop\154940729-80-Percenter-Handbook (1).pdf
2017-02-20 12:42 - 2017-02-20 10:18 - 00196384 _____ C:\Users\Pat\Desktop\Robbie's Reversals.ex4
2017-02-20 10:18 - 2017-02-20 10:18 - 00000000 ____D C:\Users\Pat\AppData\Roaming\ROBBIE'S REVERSALS
2017-02-20 10:14 - 2017-02-20 10:15 - 40019859 _____ (Fx1 Inc) C:\Users\Pat\Downloads\RobbiesReversalsSetup-1-7.exe
2017-02-16 14:09 - 2017-02-16 14:10 - 00000000 ____D C:\Users\Pat\Desktop\trendreversalpoint
2017-02-16 14:05 - 2017-02-16 14:06 - 00014056 _____ C:\Users\Pat\Downloads\trendreversalpoints (1).zip
2017-02-16 11:24 - 2017-02-16 11:24 - 00000000 ____D C:\Users\Pat\Desktop\crack
2017-02-16 11:23 - 2017-02-16 11:23 - 00611294 _____ C:\Users\Pat\Downloads\crack.zip
2017-02-16 11:22 - 2017-02-16 11:22 - 00002177 _____ C:\Users\Public\Desktop\Soccer Match Predictor Demo.lnk
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuralBet
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\Program Files\NeuralBet
2017-02-16 11:20 - 2017-02-16 11:20 - 24157020 _____ (NeuralBet) C:\Users\Pat\Downloads\smp.exe
2017-02-16 10:40 - 2017-02-16 10:40 - 20522250 _____ (CgmBet ) C:\Users\Pat\Downloads\CgmBetSetup (1).exe
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTID
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\Program Files\HTID
2017-02-15 11:24 - 2017-02-15 11:24 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-02-13 01:51 - 2017-02-13 01:51 - 00044473 _____ C:\Users\Pat\Downloads\RSI_Extreme_Binary_System.rar
2017-02-09 16:20 - 2017-02-09 16:21 - 00177394 _____ C:\Users\Pat\Downloads\2be064a0-9b6b-4423-a482-072346dd78b8.pkpass
2017-02-08 23:29 - 2017-02-08 23:29 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f (1).pkpass
2017-02-08 22:29 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Desktop\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:13 - 2017-02-08 22:13 - 00161854 _____ C:\Users\Pat\Desktop\Confirmation.pdf
2017-02-08 22:08 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177393 _____ C:\Users\Pat\Downloads\e65581be-b978-438c-8211-9b8a70ddd4ef.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177392 _____ C:\Users\Pat\Downloads\b220a597-d6fe-4acc-a8ff-421258045cb6.pkpass
2017-02-01 19:23 - 2017-02-01 19:23 - 00002005 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-01 19:23 - 2017-02-01 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-31 23:50 - 2017-01-31 23:50 - 00050511 _____ C:\Users\Pat\Downloads\SYSTEMS 1 TO 5 (1).xlsx
2017-01-31 23:37 - 2017-02-06 09:05 - 00000000 ____D C:\Users\Pat\Desktop\bettingsoftware
2017-01-28 12:15 - 2017-01-28 12:15 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:15 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Desktop\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:12 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-27 22:46 - 2017-01-27 22:46 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-27 22:41 - 2017-01-27 22:41 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-25 23:32 - 2017-01-25 23:33 - 00041660 _____ C:\Users\Pat\Downloads\PZ_DoubleTopBottom.ex4

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-02-21 15:50 - 2015-12-23 17:41 - 00000000 ____D C:\FRST
2017-02-21 15:24 - 2014-12-07 17:27 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:43 - 2015-04-17 20:51 - 00000000 ____D C:\ProgramData\Reprise
2017-02-21 14:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-21 14:37 - 2013-10-13 14:13 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Skype
2017-02-21 13:20 - 2010-11-21 00:57 - 00745674 _____ C:\Windows\system32\perfh013.dat
2017-02-21 13:20 - 2010-11-21 00:57 - 00153594 _____ C:\Windows\system32\perfc013.dat
2017-02-21 13:20 - 2010-11-20 22:01 - 01669560 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-21 13:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-21 10:29 - 2014-06-01 16:35 - 00000000 ____D C:\Users\Pat\AppData\Local\Adobe
2017-02-21 09:41 - 2013-10-13 14:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-21 09:35 - 2014-10-11 18:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-20 13:41 - 2016-11-18 16:34 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Vantage FX Trader
2017-02-20 13:41 - 2015-10-27 14:37 - 00593920 _____ (Fx1 Inc) C:\Windows\Metasetup.dll
2017-02-20 11:35 - 2016-11-08 23:39 - 00000000 ____D C:\Program Files\FBS Trader 4
2017-02-20 11:35 - 2016-08-14 18:10 - 00000000 ____D C:\Program Files\Traders Way MetaTrader 4
2017-02-20 10:18 - 2016-03-16 19:28 - 00000000 ____D C:\Program Files\NoaFX Trader
2017-02-19 15:39 - 2016-03-28 08:43 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Kodi
2017-02-19 09:52 - 2016-03-28 09:08 - 00000000 ____D C:\Users\UpdatusUser
2017-02-19 09:47 - 2014-11-02 14:42 - 00000000 ____D C:\Users\postgres
2017-02-17 09:18 - 2016-10-17 19:46 - 00000000 ____D C:\Program Files\TrueKey
2017-02-16 18:06 - 2016-10-17 19:58 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-16 00:18 - 2015-12-24 15:37 - 00000000 ____D C:\Windows\rescache
2017-02-15 11:24 - 2014-09-09 22:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-02-15 11:24 - 2013-11-29 20:37 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-02-15 11:24 - 2013-11-29 20:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 13:24 - 2015-04-28 10:42 - 00000000 ____D C:\Program Files\Gyazo
2017-02-08 22:12 - 2013-10-16 09:21 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Adobe
2017-02-07 15:31 - 2016-03-19 19:36 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 15:31 - 2016-03-19 19:36 - 00002109 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 15:19 - 2016-12-24 10:11 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Smilebox
2017-02-01 19:23 - 2016-10-17 19:47 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Bestanden in de root van sommige mappen =======

2016-03-19 19:35 - 2016-03-19 19:35 - 6871040 _____ () C:\Program Files\GUT1CFF.tmp
2015-02-14 11:23 - 2015-02-14 11:23 - 0001222 _____ () C:\Program Files\suit.log
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 ____H () C:\Users\Pat\AppData\Local\BITE9B2.tmp
2015-02-14 22:16 - 2015-02-14 22:16 - 0007602 _____ () C:\Users\Pat\AppData\Local\Resmon.ResmonCfg
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 _____ () C:\Users\Pat\AppData\Local\{94A47416-2072-4DC4-87C8-333D4FF2E49F}
2014-12-27 18:34 - 2014-12-27 18:34 - 0000107 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-09-03 12:46 - 2016-09-03 12:46 - 0004970 _____ () C:\ProgramData\xgneqrwu.hrx

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2017-02-16 00:10

==================== Eind van FRST.txt ============================

--- Update ---

I can't paste the Addition log here; I get a message that it is too long.

 
Go to Start > Control Panel > Programs and Features and uninstall Microsoft Security Essentials there; two antivirus programs lead to conflicts in Windows.
Restart your computer after the uninstall.

Warning: the operation below is intended for this computer only; applying it on another computer can damage Windows.

We are going to use Farbar Recovery Scan Tool (FRST.exe) again.

Open a new Notepad file via "Start\All Programs\Accessories\Notepad".
Copy and paste the following text from the code window into the empty Notepad window.

Code:
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

GroupPolicy: Restrictie - Windows Defender <======= AANDACHT
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\postgres\AppData\LocalLow\Unity\WebPlayer \loader\UnityWebPluginAX.ocx => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\Pat\AppData\Local\Chrome\Application\41. 0.2231.0\delegate_execute.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165}\InprocServer32 -> C:\Program Files\thinkorswim\nptossc.dll => Geen bestand
Task: {19003073-8E5D-432B-A587-1E899132303D} - \Upload Installer Service -> Geen bestand <==== AANDACHT
Task: {A325EFC6-DC31-47A1-A225-57E9C9D0893E} - \LuckyTab -> Geen bestand <==== AANDACHT
Task: {D4DC79F8-635E-4F1C-BFAF-EFF758ABC162} - \SmartWeb Upgrade Trigger Task -> Geen bestand <==== AANDACHT
Task: {DE9D2595-8981-43C7-A979-CCC216A85E30} - \DNSMOHAWK -> Geen bestand <==== AANDACHT
Task: {F6F42581-D0C7-40AC-8AF6-29617DA245D4} - System32\Tasks\Admin Checker => C:\Users\Pat\AppData\Roaming\Admin Checker\Admin Checker.exe <==== AANDACHT
hosts:

cmd: ipconfig /flushdns
cmd: netsh winsock reset

Now save this Notepad file as Fixlist.txt in the same location as FRST.exe.

Using Farbar Recovery Scan Tool (FRST.exe) with fixlist.txt
  • Windows Vista, Windows 7, Windows 8 and Windows 10: right-click FRST.exe and choose "Run as administrator".
  • When the program starts, click Yes in the pop-up.
  • Press the Fix button.
  • After the fix, a log file, Fixlog.txt, is created in the same location from which FRST.exe was started.
  • Post the contents of this log file in your next message.
 
Fix resultaat van Farbar Recovery Scan Tool (x86) Versie: 19-02-2017
Gestart door Pat (21-02-2017 20:40:46) Run:2
Gestart vanaf C:\Users\Pat\Desktop
Geladen Profielen: Pat & postgres & UpdatusUser (Beschikbare Profielen: Pat & postgres & UpdatusUser)
Boot Modus: Normal

==============================================

fixlist Inhoud:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

GroupPolicy: Restrictie - Windows Defender <======= AANDACHT
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\postgres\AppData\LocalLow\Unity\WebPlayer \loader\UnityWebPluginAX.ocx => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\Pat\AppData\Local\Chrome\Application\41. 0.2231.0\delegate_execute.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165}\InprocServer32 -> C:\Program Files\thinkorswim\nptossc.dll => Geen bestand
Task: {19003073-8E5D-432B-A587-1E899132303D} - \Upload Installer Service -> Geen bestand <==== AANDACHT
Task: {A325EFC6-DC31-47A1-A225-57E9C9D0893E} - \LuckyTab -> Geen bestand <==== AANDACHT
Task: {D4DC79F8-635E-4F1C-BFAF-EFF758ABC162} - \SmartWeb Upgrade Trigger Task -> Geen bestand <==== AANDACHT
Task: {DE9D2595-8981-43C7-A979-CCC216A85E30} - \DNSMOHAWK -> Geen bestand <==== AANDACHT
Task: {F6F42581-D0C7-40AC-8AF6-29617DA245D4} - System32\Tasks\Admin Checker => C:\Users\Pat\AppData\Roaming\Admin Checker\Admin Checker.exe <==== AANDACHT
hosts:

cmd: ipconfig /flushdns
cmd: netsh winsock reset
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
C:\Windows\system32\GroupPolicy\Machine => is succesvol verplaatst.
C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst.
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => sleutel is succesvol verwijderd.
HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba} => sleutel is succesvol verwijderd.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba} => sleutel niet gevonden.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272} => sleutel niet gevonden.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394} => sleutel niet gevonden.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba} => sleutel niet gevonden.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787} => sleutel niet gevonden.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} => sleutel niet gevonden.
HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165} => sleutel niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19003073-8E5D-432B-A587-1E899132303D} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19003073-8E5D-432B-A587-1E899132303D} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Upload Installer Service => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A325EFC6-DC31-47A1-A225-57E9C9D0893E} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A325EFC6-DC31-47A1-A225-57E9C9D0893E} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LuckyTab => sleutel niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4DC79F8-635E-4F1C-BFAF-EFF758ABC162} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4DC79F8-635E-4F1C-BFAF-EFF758ABC162} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task => sleutel niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{DE9D2595-8981-43C7-A979-CCC216A85E30} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE9D2595-8981-43C7-A979-CCC216A85E30} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSMOHAWK => sleutel niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6F42581-D0C7-40AC-8AF6-29617DA245D4} => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6F42581-D0C7-40AC-8AF6-29617DA245D4} => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\Admin Checker => is succesvol verplaatst.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Admin Checker => sleutel is succesvol verwijderd.
C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst.
Hosts met succes hersteld.

========= ipconfig /flushdns =========


Windows IP-configuratie

De DNS-omzettingscache is leeggemaakt.

========= Eind van CMD: =========


========= netsh winsock reset =========


De Winsock-catalogus is opnieuw ingesteld.
De computer dient opnieuw te worden opgestart om het opnieuw instellen te voltooien.


========= Eind van CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16385444 B
Java, Flash, Steam htmlcache => 940 B
Windows/system/drivers => 141747803 B
Edge => 0 B
Chrome => 239547085 B
Firefox => 12618663 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 7406426 B
Pat => 5198274027 B
postgres => 0 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 5.2 GB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 20:45:16 ====
 
Download MalwareBytes Anti-Malware.

Note for the MBAM installation: the last installation window has two check marks next to the notices;
remove the top check mark now (use MBAM as a full demo version) and finish the installation.
After that you can keep using Malwarebytes MBAM as the free version!

  • Windows 2000 and Windows XP: double-click mbam-setup.exe.
  • Windows Vista, Windows 7, Windows 8 and Windows 10: right-click mbam-setup.exe and choose "Run as administrator".
  • In the Malwarebytes ANTI-MALWARE menu, click "Settings", then "Detection and Protection", and tick "Scan for rootkits".
  • Then click the Scan Now button to run a threat scan.
  • The program now checks for available updates; click "Update Now" if updates are available.
  • The scan then starts automatically; when the scan is finished and threats have been detected, you get an overview of them.

  • If no threats were detected, click View detailed log after the scan.
  • Then click the Export button and choose the option "Text file (*.txt)".
  • Enter a file name for saving the log file, for example MBAM Scanlog.
  • Choose, for example, the desktop as the save location and then click the Save button.

  • If threats were detected, click Apply Actions after the scan.
  • At the prompt to restart the computer, click Yes.
  • After the restart, open MalwareBytes Anti-Malware, click History at the top and select Application Logs.
  • Click the most recent Scan Log.
  • Click "Export" and choose the option "Text file (*.txt)".
  • Enter a file name for saving the log file, for example MBAM Scanlog.
  • Choose, for example, the desktop as the save location and then click the Save button.

Posting the MBAM log:
  • Now copy the contents of the log you just saved and paste it into your new reply.
 
The computer shuts down during the scan... so clearly something is still wrong. The MBAM scan cannot be completed.
 
Then we'll do something else first!

Download TDSSKiller and move/save the download to the desktop.

  • Double-click TDSSKiller.exe to start the tool. (If you downloaded TDSSKiller as a ZIP file, you need to extract it first.)
  • If TDSSKiller finds an update, click the "Load update" button.
  • A new version of TDSSKiller will now be downloaded; save it to the desktop.
  • Now start TDSSKiller again.
  • In the license screen, click "Accept" to continue.
  • Next you will see the "Kaspersky Security Network Statement" screen; click "Accept" here as well.
  • Click "Change parameters" and make sure all of the options are ticked.

  • Click the "Start Scan" button and follow the instructions.

  • Never use the "Delete" or "Quarantine" option on a "Fail signature" notice.
  • If a restart was required, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • Post the contents of this log file in your next message.
 
22:58:19.0065 0x1474 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
22:58:23.0733 0x1474 ============================================================
22:58:23.0733 0x1474 Current date / time: 2017/02/22 22:58:23.0733
22:58:23.0733 0x1474 SystemInfo:
22:58:23.0733 0x1474
22:58:23.0733 0x1474 OS Version: 6.1.7601 ServicePack: 1.0
22:58:23.0734 0x1474 Product type: Workstation
22:58:23.0734 0x1474 ComputerName: PAT-PC
22:58:23.0735 0x1474 UserName: Pat
22:58:23.0735 0x1474 Windows directory: C:\Windows
22:58:23.0735 0x1474 System windows directory: C:\Windows
22:58:23.0735 0x1474 Processor architecture: Intel x86
22:58:23.0735 0x1474 Number of processors: 2
22:58:23.0735 0x1474 Page size: 0x1000
22:58:23.0735 0x1474 Boot type: Normal boot
22:58:23.0735 0x1474 CodeIntegrityOptions = 0x00000000
22:58:23.0735 0x1474 ============================================================
22:58:27.0249 0x1474 KLMD registered as C:\Windows\system32\drivers\33524548.sys
22:58:27.0252 0x1474 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x0
22:58:29.0834 0x1474 System UUID: {F26AC3F2-B3B9-92CE-A78D-300CD8B114CB}
22:58:31.0784 0x1474 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:58:31.0795 0x1474 ============================================================
22:58:31.0795 0x1474 \Device\Harddisk0\DR0:
22:58:31.0806 0x1474 MBR partitions:
22:58:31.0807 0x1474 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:58:31.0807 0x1474 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x39B56000
22:58:31.0849 0x1474 ============================================================
22:58:32.0076 0x1474 C: <-> \Device\Harddisk0\DR0\Partition2
22:58:32.0077 0x1474 ============================================================
22:58:32.0077 0x1474 Initialize success
22:58:32.0077 0x1474 ============================================================
22:58:44.0170 0x1578 ============================================================
22:58:44.0170 0x1578 Scan started
22:58:44.0170 0x1578 Mode: Manual; SigCheck; TDLFS;
22:58:44.0170 0x1578 ============================================================
22:58:44.0170 0x1578 KSN ping started
22:58:44.0458 0x1578 KSN ping finished: true
22:58:49.0234 0x1578 ================ Scan system memory ========================
22:58:49.0234 0x1578 System memory - ok
22:58:49.0235 0x1578 ================ Scan services =============================
22:58:50.0776 0x1578 [ 303C174A7303A7702A68653152FC65A0, A55B4288EFC45E974CB7776AC29A5CD0E33C400214E495414CFBA37C2C3F7045 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:58:50.0813 0x1578 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
22:58:50.0971 0x1578 Detect skipped due to KSN trusted
22:58:50.0971 0x1578 Adobe LM Service - ok
22:59:11.0399 0x1578 [ D9EC6F3A3B2AC7CD5EEF07BD86E3EFBC, 472232CA821B5C2EF562AB07F53638BC2CC82EAE84CEA13FBE674D6022B6481C ] ExpressVpnService C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
22:59:11.0422 0x1578 ExpressVpnService - detected UnsignedFile.Multi.Generic ( 1 )
22:59:11.0756 0x1578 Detect skipped due to KSN trusted
22:59:11.0756 0x1578 ExpressVpnService - ok
22:59:13.0869 0x1578 [ 93F8CBE201426A17DA78478235AD9954, 695C8EB37EF216FFA0E80CF0670F99239E0A79F8CCC7F334009F1130634761E3 ] Foundry License Server C:\Program Files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe
22:59:13.0927 0x1578 Foundry License Server - detected UnsignedFile.Multi.Generic ( 1 )
22:59:14.0163 0x1578 Detect skipped due to KSN trusted
22:59:14.0164 0x1578 Foundry License Server - ok
22:59:14.0231 0x1578 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:59:14.0317 0x1578 FsDepends - ok
22:59:14.0395 0x1578 [ 2262614848962DDB38FFB7C883E6FB55, 13A0FD679B96A1475FDAD5F64B0A9B07A3B132734888004276481E1060048A59 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
22:59:14.0484 0x1578 fssfltr - ok
22:59:14.0713 0x1578 [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
22:59:14.0791 0x1578 fsssvc - ok
22:59:14.0830 0x1578 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:59:14.0917 0x1578 Fs_Rec - ok
22:59:14.0959 0x1578 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:59:15.0059 0x1578 fvevol - ok
22:59:15.0110 0x1578 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:59:15.0220 0x1578 gagp30kx - ok
22:59:15.0301 0x1578 [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc C:\Windows\System32\gpsvc.dll
22:59:15.0369 0x1578 gpsvc - ok
22:59:15.0485 0x1578 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:59:15.0529 0x1578 gupdate - ok
22:59:15.0537 0x1578 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:59:15.0570 0x1578 gupdatem - ok
22:59:15.0602 0x1578 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:59:15.0763 0x1578 hcw85cir - ok
22:59:15.0841 0x1578 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:59:16.0006 0x1578 HdAudAddService - ok
22:59:16.0027 0x1578 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:59:16.0160 0x1578 HDAudBus - ok
22:59:16.0195 0x1578 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:59:16.0449 0x1578 HidBatt - ok
22:59:16.0494 0x1578 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:59:16.0641 0x1578 HidBth - ok
22:59:16.0697 0x1578 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\drivers\hidir.sys
22:59:16.0856 0x1578 HidIr - ok
22:59:16.0910 0x1578 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
22:59:16.0978 0x1578 hidserv - ok
22:59:17.0045 0x1578 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:59:17.0253 0x1578 HidUsb - ok
22:59:17.0301 0x1578 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
22:59:17.0392 0x1578 hkmsvc - ok
22:59:46.0037 0x1578 SENS - ok
22:59:46.0053 0x1578 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:59:46.0113 0x1578 SensrSvc - ok
22:59:46.0134 0x1578 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:59:46.0231 0x1578 Serenum - ok
22:59:46.0277 0x1578 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\drivers\serial.sys
22:59:46.0379 0x1578 Serial - ok
22:59:46.0406 0x1578 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:59:46.0488 0x1578 sermouse - ok
22:59:46.0544 0x1578 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
22:59:46.0621 0x1578 SessionEnv - ok
22:59:46.0665 0x1578 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:59:46.0789 0x1578 sffdisk - ok
22:59:46.0815 0x1578 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:59:46.0908 0x1578 sffp_mmc - ok
22:59:46.0939 0x1578 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:59:47.0019 0x1578 sffp_sd - ok
22:59:47.0040 0x1578 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:59:47.0135 0x1578 sfloppy - ok
22:59:47.0178 0x1578 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:59:47.0238 0x1578 SharedAccess - ok
22:59:47.0275 0x1578 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:59:47.0337 0x1578 ShellHWDetection - ok
22:59:47.0371 0x1578 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:59:47.0489 0x1578 sisagp - ok
22:59:47.0525 0x1578 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:59:47.0616 0x1578 SiSRaid2 - ok
22:59:47.0695 0x1578 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:59:47.0763 0x1578 SiSRaid4 - ok
22:59:47.0896 0x1578 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:59:47.0960 0x1578 SkypeUpdate - ok
22:59:47.0996 0x1578 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:59:48.0124 0x1578 Smb - ok
22:59:48.0170 0x1578 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:59:48.0222 0x1578 SNMPTRAP - ok
22:59:48.0259 0x1578 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
22:59:48.0322 0x1578 spldr - ok
22:59:48.0376 0x1578 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
22:59:48.0456 0x1578 Spooler - ok
22:59:48.0594 0x1578 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
22:59:48.0809 0x1578 sppsvc - ok
22:59:48.0849 0x1578 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:59:48.0917 0x1578 sppuinotify - ok
22:59:48.0964 0x1578 [ D86EA722F3337AA3F0253B6E359E6796, BA4C2DF629CBECFA1C1D589FFA6AEF8C5853C427B6B007793FD432B4AA8DA593 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:59:49.0206 0x1578 srv - ok
22:59:49.0254 0x1578 [ 1931823AC05967E5F79B791E9FFC2398, 255E6278F476F1D488199B0AD2004C3860CC74971AC3C0AB4B1DB4E42B329E94 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:59:49.0382 0x1578 srv2 - ok
22:59:49.0431 0x1578 [ 50A2FC7B0408F15B77E056076BBB6252, 801AD15B4CDFC09EE4909B7180A5CE562D54D4F08A9C0B7D9CA067ADC42A6C9D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:59:49.0499 0x1578 srvnet - ok
22:59:49.0558 0x1578 [ BB6EDB0257860083193CC1581AC7D485, DE2A6AA57C48D4FACF155C2FD876D5F3238A9107F8313FB3D0BF7CE34B0ED559 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
22:59:49.0592 0x1578 ssadbus - ok
22:59:49.0627 0x1578 [ 5BCB68F7B62159C07789D3F405750623, 5363AC26FDD7114BB23F09F79541A691FF6E140C4B802F5AE284BCE5F623D5E0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:59:49.0655 0x1578 ssadmdfl - ok
22:59:49.0678 0x1578 [ 1588A89F9CD9E68DE9FCC9F60FDB5C08, E2E547A0AC10DAA55029500052D89A7FB124FFBE7742F16AD41B857890AED50F ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
22:59:49.0711 0x1578 ssadmdm - ok
22:59:49.0749 0x1578 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:59:49.0832 0x1578 SSDPSRV - ok
22:59:49.0859 0x1578 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:59:49.0943 0x1578 SstpSvc - ok
22:59:49.0999 0x1578 [ 5EE6503C932CB79B493E4B4D8E23D219, 51DC712611E21F5CF3ED2322A146E167769D082E826B82601471CF782090E8B5 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
22:59:50.0033 0x1578 ssudmdm - ok
22:59:50.0049 0x1578 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:59:50.0167 0x1578 stexstor - ok
22:59:50.0240 0x1578 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
22:59:50.0315 0x1578 StiSvc - ok
22:59:50.0336 0x1578 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:59:50.0368 0x1578 storflt - ok
22:59:50.0412 0x1578 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
22:59:50.0469 0x1578 StorSvc - ok
22:59:50.0496 0x1578 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:59:50.0566 0x1578 storvsc - ok
22:59:50.0606 0x1578 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:59:50.0635 0x1578 swenum - ok
22:59:50.0665 0x1578 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
22:59:50.0729 0x1578 swprv - ok
22:59:50.0845 0x1578 [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll
22:59:50.0955 0x1578 SysMain - ok
22:59:50.0984 0x1578 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
22:59:51.0028 0x1578 TabletInputService - ok
22:59:51.0070 0x1578 [ 04DC29C212EF0F9CD27E2BBC2138987B, B6863E9A02CEEA2449B7D45EE3799FF2174230A5CAF670450C6CF021FAC51113 ] tapexpressvpn C:\Windows\system32\DRIVERS\tapexpressvpn.sys
22:59:51.0344 0x1578 tapexpressvpn - ok
22:59:51.0424 0x1578 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
22:59:51.0608 0x1578 TapiSrv - ok
22:59:51.0716 0x1578 [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:59:51.0884 0x1578 Tcpip - ok
22:59:52.0004 0x1578 [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:59:52.0103 0x1578 TCPIP6 - ok
22:59:52.0172 0x1578 [ A4BF8BE9D1F7D563C7868AC7B2561545, E3C2FFE53373E5255DC388E0C81CCE965E432EFAF52C85B5B3B3918815114073 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:59:52.0346 0x1578 tcpipreg - ok
22:59:52.0393 0x1578 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:59:52.0468 0x1578 TDPIPE - ok
22:59:52.0508 0x1578 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:59:52.0641 0x1578 TDTCP - ok
22:59:52.0689 0x1578 [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:59:52.0790 0x1578 tdx - ok
22:59:53.0090 0x1578 [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer C:\Program Files\TeamViewer\TeamViewer_Service.exe
22:59:53.0361 0x1578 TeamViewer - ok
22:59:53.0444 0x1578 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:59:53.0516 0x1578 TermDD - ok
22:59:53.0580 0x1578 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
22:59:53.0667 0x1578 TermService - ok
22:59:53.0709 0x1578 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
22:59:53.0761 0x1578 Themes - ok
22:59:53.0778 0x1578 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
22:59:53.0830 0x1578 THREADORDER - ok
22:59:53.0855 0x1578 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
22:59:53.0913 0x1578 TrkWks - ok
22:59:54.0245 0x1578 [ B85563A02B41BDD9943B06D53630467E, 677B0FEE084A2C088650E6188326073649A975CC76A5F2E63E4264A54D1B7548 ] TrueKey C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
22:59:54.0301 0x1578 TrueKey - ok
22:59:54.0346 0x1578 [ 88221CA6C80E5043F4A1824F6C63679E, 9C6CCD241B349F4127B943C2483A24AED04407AA39AE5180A2361D716ED852FD ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
22:59:54.0374 0x1578 TrueKeyScheduler - ok
22:59:54.0530 0x1578 [ AEBEF3C5DB348DB2CDF8B48BA4D9A1D1, 48A3FC37957944EBE0B8C280560DEC40538BD98BB4981DAF02DE45E629946042 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
22:59:54.0578 0x1578 TrueKeyServiceHelper - ok
22:59:54.0676 0x1578 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:59:54.0736 0x1578 TrustedInstaller - ok
22:59:54.0775 0x1578 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:59:54.0886 0x1578 tssecsrv - ok
22:59:54.0930 0x1578 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:59:55.0028 0x1578 TsUsbFlt - ok
22:59:55.0055 0x1578 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:59:55.0127 0x1578 TsUsbGD - ok
22:59:55.0177 0x1578 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:59:55.0260 0x1578 tunnel - ok
22:59:55.0288 0x1578 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:59:55.0413 0x1578 uagp35 - ok
22:59:55.0461 0x1578 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:59:55.0598 0x1578 udfs - ok
22:59:55.0656 0x1578 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:59:55.0706 0x1578 UI0Detect - ok
22:59:55.0755 0x1578 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:59:55.0840 0x1578 uliagpkx - ok
22:59:55.0888 0x1578 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:59:55.0989 0x1578 umbus - ok
22:59:56.0021 0x1578 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:59:56.0146 0x1578 UmPass - ok
22:59:56.0198 0x1578 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
22:59:56.0414 0x1578 UmRdpService - ok
22:59:56.0518 0x1578 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
22:59:56.0724 0x1578 upnphost - ok
22:59:57.0234 0x1578 [ 325A69967CC7B4BFB170F5636143A94A, E0341360827B9B3E244F24D0BC01D3B3C0CC97E232A361960849F799A16AD540 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
22:59:57.0394 0x1578 usbccgp - ok
22:59:57.0456 0x1578 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:59:57.0632 0x1578 usbcir - ok
22:59:57.0677 0x1578 [ 5D57798CAE5A0DD0B8F61C52B8E7C3D1, 5097997508E1406AD5B018C5006D82F8BFC7B157C6CAF1B4D80C7D6DB722A77A ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:59:57.0820 0x1578 usbehci - ok
22:59:57.0897 0x1578 [ 3835ECC1E928042F92D7AA1963D40523, 60237CB8C3F935544006621255FFD53C9E09C0AF4741D0C50968CB4D647336D5 ] usbhub C:\Windows\system32\drivers\usbhub.sys
22:59:58.0022 0x1578 usbhub - ok
22:59:58.0041 0x1578 [ 81E1E90305A4C7A13BADC5DFA22ABA37, 9EF3F5CD2FCF22A5BCC668778C8340D8C80719E9B43FB6C4484BFC98280B8BD9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:59:58.0156 0x1578 usbohci - ok
22:59:58.0221 0x1578 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:59:58.0398 0x1578 usbprint - ok
22:59:58.0472 0x1578 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:59:58.0646 0x1578 usbscan - ok
22:59:58.0675 0x1578 [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
22:59:58.0816 0x1578 USBSTOR - ok
22:59:58.0856 0x1578 [ B4A1789BE90403D9549EF9DBAD37A429, 1F590F8DE0081953B944A076FFEB5FF3BCF7E2BEE4ABD97236A29C00B9242163 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:59:58.0942 0x1578 usbuhci - ok
22:59:59.0014 0x1578 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:59:59.0073 0x1578 usbvideo - ok
22:59:59.0112 0x1578 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
22:59:59.0172 0x1578 UxSms - ok
22:59:59.0198 0x1578 [ 4E568DBE3FFF1A0025EB432DC929B78F, 26F36CA31A1B977685F8DF5F8436848B7D4143B47EC0DAE68F8382C1B52A6C71 ] VaultSvc C:\Windows\system32\lsass.exe
22:59:59.0234 0x1578 VaultSvc - ok
22:59:59.0287 0x1578 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:59:59.0432 0x1578 vdrvroot - ok
22:59:59.0474 0x1578 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
22:59:59.0560 0x1578 vds - ok
22:59:59.0593 0x1578 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:59:59.0685 0x1578 vga - ok
22:59:59.0713 0x1578 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:59:59.0815 0x1578 VgaSave - ok
22:59:59.0854 0x1578 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:59:59.0933 0x1578 vhdmp - ok
22:59:59.0963 0x1578 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:00:00.0062 0x1578 viaagp - ok
23:00:00.0096 0x1578 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:00:00.0223 0x1578 ViaC7 - ok
23:00:00.0265 0x1578 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
23:00:00.0390 0x1578 viaide - ok
23:00:00.0432 0x1578 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:00:00.0477 0x1578 vmbus - ok
23:00:00.0506 0x1578 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:00:00.0589 0x1578 VMBusHID - ok
23:00:00.0611 0x1578 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:00:00.0692 0x1578 volmgr - ok
23:00:00.0725 0x1578 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:00:00.0782 0x1578 volmgrx - ok
23:00:00.0811 0x1578 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:00:00.0891 0x1578 volsnap - ok
23:00:00.0932 0x1578 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:00:01.0062 0x1578 vsmraid - ok
23:00:01.0145 0x1578 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
23:00:01.0230 0x1578 VSS - ok
23:00:01.0261 0x1578 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:00:01.0331 0x1578 vwifibus - ok
23:00:01.0368 0x1578 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
23:00:01.0430 0x1578 W32Time - ok
23:00:01.0455 0x1578 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:00:01.0490 0x1578 WacomPen - ok
23:00:01.0523 0x1578 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:00:01.0745 0x1578 WANARP - ok
23:00:01.0754 0x1578 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:00:01.0820 0x1578 Wanarpv6 - ok
23:00:01.0913 0x1578 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:00:01.0987 0x1578 WatAdminSvc - ok
23:00:02.0060 0x1578 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
23:00:02.0146 0x1578 wbengine - ok
23:00:02.0176 0x1578 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:00:02.0225 0x1578 WbioSrvc - ok
23:00:02.0246 0x1578 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:00:02.0297 0x1578 wcncsvc - ok
23:00:02.0321 0x1578 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:00:02.0360 0x1578 WcsPlugInService - ok
23:00:02.0384 0x1578 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\drivers\wd.sys
23:00:02.0443 0x1578 Wd - ok
23:00:02.0494 0x1578 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:00:02.0604 0x1578 Wdf01000 - ok
23:00:02.0665 0x1578 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:00:02.0747 0x1578 WdiServiceHost - ok
23:00:02.0754 0x1578 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:00:02.0794 0x1578 WdiSystemHost - ok
23:00:02.0832 0x1578 [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient C:\Windows\System32\webclnt.dll
23:00:02.0878 0x1578 WebClient - ok
23:00:02.0918 0x1578 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:00:02.0983 0x1578 Wecsvc - ok
23:00:02.0997 0x1578 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:00:03.0051 0x1578 wercplsupport - ok
23:00:03.0092 0x1578 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
23:00:03.0149 0x1578 WerSvc - ok
23:00:03.0184 0x1578 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:00:03.0298 0x1578 WfpLwf - ok
23:00:03.0324 0x1578 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:00:03.0381 0x1578 WIMMount - ok
23:00:03.0470 0x1578 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:00:03.0562 0x1578 WinDefend - ok
23:00:03.0576 0x1578 WinHttpAutoProxySvc - ok
23:00:03.0642 0x1578 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:00:03.0716 0x1578 Winmgmt - ok
23:00:03.0824 0x1578 [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM C:\Windows\system32\WsmSvc.dll
23:00:03.0901 0x1578 WinRM - ok
23:00:04.0020 0x1578 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
23:00:04.0089 0x1578 WinUsb - ok
23:00:04.0141 0x1578 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:00:04.0210 0x1578 Wlansvc - ok
23:00:04.0360 0x1578 [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:00:04.0442 0x1578 wlidsvc - ok
23:00:04.0468 0x1578 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:00:04.0551 0x1578 WmiAcpi - ok
23:00:04.0609 0x1578 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:00:04.0653 0x1578 wmiApSrv - ok
23:00:04.0746 0x1578 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:00:04.0873 0x1578 WMPNetworkSvc - ok
23:00:04.0902 0x1578 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:00:04.0991 0x1578 WPCSvc - ok
23:00:05.0013 0x1578 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:00:05.0067 0x1578 WPDBusEnum - ok
23:00:05.0084 0x1578 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:00:05.0167 0x1578 ws2ifsl - ok
23:00:05.0202 0x1578 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
23:00:05.0246 0x1578 wscsvc - ok
23:00:05.0294 0x1578 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
23:00:05.0375 0x1578 WSDPrintDevice - ok
23:00:05.0381 0x1578 WSearch - ok
23:00:05.0526 0x1578 [ FAC7617DD8A8CCCBBB9D36C39AFA5ABE, 64BB658523F4610B6D092BD390D24307F0A545ABA5C78B5DB50B7AA9E65C6A51 ] wuauserv C:\Windows\system32\wuaueng.dll
23:00:05.0717 0x1578 wuauserv - ok
23:00:05.0777 0x1578 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:00:05.0935 0x1578 WudfPf - ok
23:00:05.0989 0x1578 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:00:06.0105 0x1578 WUDFRd - ok
23:00:06.0142 0x1578 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:00:06.0190 0x1578 wudfsvc - ok
23:00:06.0229 0x1578 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
23:00:06.0526 0x1578 WwanSvc - ok
23:00:06.0563 0x1578 ================ Scan global ===============================
23:00:06.0764 0x1578 [ Global ] - ok
23:00:06.0765 0x1578 ================ Scan MBR ==================================
23:00:06.0776 0x1578 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:00:07.0497 0x1578 \Device\Harddisk0\DR0 - ok
23:00:07.0498 0x1578 ================ Scan VBR ==================================
23:00:07.0501 0x1578 [ 399558CE8A277B92DDC89DAD578D0577 ] \Device\Harddisk0\DR0\Partition1
23:00:07.0502 0x1578 \Device\Harddisk0\DR0\Partition1 - ok
23:00:07.0506 0x1578 [ B43B27EF253BAF27CF6DCC0CBC4BFC06 ] \Device\Harddisk0\DR0\Partition2
23:00:07.0508 0x1578 \Device\Harddisk0\DR0\Partition2 - ok
23:00:07.0508 0x1578 ================ Scan generic autorun ======================
23:00:08.0690 0x1578 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
23:00:08.0730 0x1578 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
23:00:08.0962 0x1578 Detect skipped due to KSN trusted
23:00:08.0962 0x1578 QuickTime Task - ok
23:00:09.0069 0x1578 [ C8D2344DAED56FCE1504D006669F2F34, 4BD6D75E94D7171D9248BBFA3696C53317FBEEA556396564B60B9A84E374B465 ] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
23:00:09.0119 0x1578 DivXMediaServer - ok
23:00:09.0266 0x1578 [ 16AFB34618E1286FF856DC600AC49C79, 431EC110507685A0F4472EAE35383B4C1E3DC0B56E01CDECFB18F753181DC995 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe
23:00:09.0348 0x1578 DivXUpdate - ok
23:00:09.0838 0x1578 [ CE99AA11D0274BE5BDEF3991508852E9, C129B50010508603C6F2CDB4442ACA4E7FC6CD44DBDB6153D5E1D37E1BC32036 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:00:10.0157 0x1578 AvastUI.exe - ok
23:00:10.0497 0x1578 [ E2CB8918F91D39E24C4A488ED9F22325, F674C9AEECC6D2553E952B4D51BECEA3B18FA5AB191276FCA8D0434015971F67 ] C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe
23:00:10.0641 0x1578 Acrobat Assistant 8.0 - ok
23:00:10.0910 0x1578 [ 659474582C6E060DBD8FFFF97DC892C5, FC745E95CF237DDA55CED0FA4A882A0C318F270E93AEA2F049C11D663B60D892 ] C:\Program Files\Samsung\Kies\Kies.exe
23:00:10.0989 0x1578 KiesPreload - ok
23:00:11.0308 0x1578 [ 760ACD103FFB86AD65DC41CDEB08ABCF, 518DBEA24FB54D54BD17E0940ADD49134525D161A62C2E9D71FD876CE3E97D7B ] C:\Program Files\Samsung\Kies\KiesAirMessage.exe
23:00:11.0378 0x1578 KiesAirMessage - detected UnsignedFile.Multi.Generic ( 1 )
23:00:11.0694 0x1578 Detect skipped due to KSN trusted
23:00:11.0694 0x1578 KiesAirMessage - ok
23:00:11.0937 0x1578 [ 8C4831908D861DC243376CA401F8ABED, 9CFAA8DF8E877536359A229751C12F0BFA60788693EB7EF919C18D25F703F592 ] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
23:00:12.0159 0x1578 DAEMON Tools Ultra Agent - ok
23:00:12.0446 0x1578 [ 10DF21BBF04806E18C60E59C56419639, 2F319DA9FAF46872A17207C57C66ECA1B843B3AB88063A2D672CD66D806DA8B8 ] C:\Program Files\Gyazo\GyStation.exe
23:00:12.0720 0x1578 Gyazo - ok
23:00:13.0057 0x1578 [ 3D01BD151A423F6B7D89970E42E31E46, CA1B7619A387E94A033D3143B782DEEC30C9F9E528B52822E7CB35D1C617F349 ] C:\Program Files\CCleaner\CCleaner.exe
23:00:13.0494 0x1578 CCleaner Monitoring - ok
23:00:13.0797 0x1578 [ 4051D06231AEA1CC31F0EA14095637F1, 87DB4C3CF0457E5D94CA34C63D91CB3AACC972E36CC269570C8567FEFD0A6C0C ] C:\Users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe
23:00:13.0848 0x1578 SmileboxTray - ok
23:00:13.0980 0x1578 [ A99B7DE06B566967A562325FB5CDCBF5, D729E91E6B811E84254B3C50E5C9E3C43A4D834E88C43B67ACD68B9F243A765D ] C:\Program Files\ExpressVPN\xvpn-ui\ExpressVpn.exe
23:00:14.0055 0x1578 ExpressVPN4 - ok
23:00:14.0141 0x1578 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:00:14.0260 0x1578 Sidebar - ok
23:00:14.0313 0x1578 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
23:00:14.0355 0x1578 mctadmin - ok
23:00:14.0419 0x1578 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:00:14.0483 0x1578 Sidebar - ok
23:00:14.0491 0x1578 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
23:00:14.0533 0x1578 mctadmin - ok
23:00:14.0540 0x1578 Waiting for KSN requests completion. In queue: 153
23:00:15.0786 0x1578 AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
23:00:15.0829 0x1578 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.138 ), 0x61000 ( enabled : updated )
23:00:15.0868 0x1578 Win FW state via NFP2: enabled ( trusted )
23:00:16.0032 0x1578 ============================================================
23:00:16.0032 0x1578 Scan finished
23:00:16.0032 0x1578 ============================================================
23:00:16.0045 0x116c Detected object count: 0
23:00:16.0045 0x116c Actual detected object count: 0
23:00:52.0037 0x136c Deinitialize success

--- Update ---

Just had a crash dump, and yesterday too.. do you see any errors in my system?
 
No rootkits - good.

Download
ComboFix via one of these locations:
Download location: This program must be downloaded to the desktop, or otherwise moved to the desktop!

Antivirus programs and active malware scanners must already be disabled before you start ComboFix!
Here and here you will find information on how to disable antivirus programs and spyware scanners.

Notes:
  • All open programs and web pages must be closed.
Starting ComboFix:
  • Windows Vista, Windows 7 and Windows 8: right-click ComboFix.exe and choose "Run as administrator".
Once ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file via DDRMMR's colour coder in your next post.
  • If the log does not open, it can be found at C:\ComboFix.txt
Important note:
  • If, after the scan, an error with the following message is shown when starting programs:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.
 
ComboFix 17-01-29.01 - Pat 02/23/2017 16:23:48.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.3067.1382 [GMT 1:00]
Gestart vanuit: c:\users\Pat\Desktop\ComboFix.exe
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\Public\Desktop\Download Cebas Thinking...lnk
c:\windows\msdownld.tmp
c:\windows\system32\AdobePDF.dll
c:\windows\system32\DEBUG.log
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2017-01-23 to 2017-02-23 ))))))))))))))))))))))))))))))
.
.
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\templates\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\Sounds\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\profiles\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\postgres\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\MQL4\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\history\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\Gast\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-02-23 15:45 . 2017-02-23 15:45 -------- d-----w- c:\users\config\AppData\Local\temp
2017-02-23 15:30 . 2017-02-23 15:57 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F4DB87E-3C7E-4DBF-A1A5-5EBAD4B81ED9}\offreg.dll
2017-02-22 08:13 . 2017-02-23 15:49 152512 ----a-w- c:\windows\system32\drivers\MBAMChameleon.sys
2017-02-22 08:12 . 2017-02-23 15:49 94656 ----a-w- c:\windows\system32\drivers\farflt.sys
2017-02-22 08:12 . 2017-02-22 18:25 63264 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-02-22 08:12 . 2017-02-23 15:49 39360 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-02-22 08:11 . 2017-02-23 15:49 219584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-02-22 08:11 . 2017-01-20 06:47 59976 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-02-22 08:10 . 2017-02-22 08:10 -------- d-----w- c:\program files\Malwarebytes
2017-02-21 10:28 . 2017-02-21 10:29 -------- d-----w- c:\program files\Speccy
2017-02-21 08:39 . 2017-02-21 08:39 -------- d-----w- c:\program files\Common Files\Skype
2017-02-21 08:39 . 2017-02-21 08:39 -------- d-----r- c:\program files\Skype
2017-02-20 09:18 . 2017-02-20 09:18 -------- d-----w- c:\users\Pat\AppData\Roaming\ROBBIE'S REVERSALS
2017-02-16 10:22 . 2017-02-16 10:22 -------- d-----w- c:\program files\NeuralBet
2017-02-16 00:01 . 2017-02-16 00:01 -------- d-----w- c:\program files\HTID
2017-02-15 10:24 . 2017-02-15 10:24 20359768 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-02-20 12:41 . 2015-10-27 13:37 593920 ----a-w- c:\windows\Metasetup.dll
2017-02-15 10:24 . 2014-09-09 21:46 802904 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-02-15 10:24 . 2013-11-29 19:37 144472 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2017-01-10 22:48 . 2012-07-17 13:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2017-01-06 11:44 . 2017-01-06 11:44 0 ---ha-w- c:\users\Pat\AppData\Local\BITE9B2.tmp
2017-01-05 17:46 . 2017-01-11 10:47 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-05 17:46 . 2017-01-11 10:47 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-01-05 17:43 . 2017-01-11 10:47 172032 ----a-w- c:\windows\system32\wdigest.dll
2017-01-05 17:43 . 2017-01-11 10:47 99840 ----a-w- c:\windows\system32\sspicli.dll
2017-01-05 17:43 . 2017-01-11 10:47 65536 ----a-w- c:\windows\system32\TSpkg.dll
2017-01-05 17:43 . 2017-01-11 10:47 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2017-01-05 17:43 . 2017-01-11 10:47 254464 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 17:43 . 2017-01-11 10:47 22016 ----a-w- c:\windows\system32\secur32.dll
2017-01-05 17:43 . 2017-01-11 10:47 141312 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 10:47 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-01-05 17:43 . 2017-01-11 10:47 261120 ----a-w- c:\windows\system32\msv1_0.dll
2017-01-05 17:43 . 2017-01-11 10:47 223232 ----a-w- c:\windows\system32\ncrypt.dll
2017-01-05 17:43 . 2017-01-11 10:47 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-01-05 17:43 . 2017-01-11 10:47 1062912 ----a-w- c:\windows\system32\lsasrv.dll
2017-01-05 17:43 . 2017-01-11 10:47 553472 ----a-w- c:\windows\system32\kerberos.dll
2017-01-05 17:43 . 2017-01-11 10:47 17408 ----a-w- c:\windows\system32\credssp.dll
2017-01-05 17:43 . 2017-01-11 10:47 82432 ----a-w- c:\windows\system32\bcrypt.dll
2017-01-05 17:42 . 2017-01-11 10:47 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-01-05 17:23 . 2017-01-11 10:47 50176 ----a-w- c:\windows\system32\auditpol.exe
2017-01-05 17:19 . 2017-01-11 10:47 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2017-01-05 17:19 . 2017-01-11 10:47 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2017-01-05 17:19 . 2017-01-11 10:47 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2017-01-05 17:19 . 2017-01-11 10:47 36352 ----a-w- c:\windows\system32\cryptbase.dll
2017-01-05 17:19 . 2017-01-11 10:47 22016 ----a-w- c:\windows\system32\lsass.exe
2017-01-05 17:19 . 2017-01-11 10:47 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-12-28 22:58 . 2016-12-23 23:35 2984128 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-12-15 09:45 . 2016-12-15 09:45 23040 ----a-w- c:\windows\system32\drivers\tapexpressvpn.sys
2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-03-19 18:35 . 2016-03-19 18:35 6871040 ----a-w- c:\program files\GUT1CFF.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-09-26 13:40 1029280 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-09-26 13:40 1029280 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-09-26 13:40 1029280 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-12-30 578560]
"DAEMON Tools Ultra Agent"="c:\program files\DAEMON Tools Ultra\DTAgent.exe" [2015-02-27 3731728]
"Gyazo"="c:\program files\Gyazo\GyStation.exe" [2017-02-03 5077792]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-07-17 6453528]
"SmileboxTray"="c:\users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe" [2017-01-30 350152]
"ExpressVPN4"="c:\program files\ExpressVPN\xvpn-ui\ExpressVpn.exe" [2016-12-15 807928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"FAHConsole"="c:\program files\File Association Helper\FAHConsole.exe" [2014-01-28 616632]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-07-01 508128]
"Adobe Creative Cloud"="c:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-10-15 2694320]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2015-04-08 448520]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [2016-12-23 1870928]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2016-10-02 406664]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Malwarebytes TrayApp"="c:\program files\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [2017-01-20 2780112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.500\SSScheduler.exe [2017-1-19 342792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\TrueKey\McAfeeTrueKeyPasswordFilter
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 Foundry FLEXlm Server;Foundry FLEXlm Server;c:\program files\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [2012-10-30 1392016]
R2 InstallerService;Service Installer TrueKey;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2017-01-16 317400]
R3 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [x]
R3 cpuz140;cpuz140;c:\users\Pat\AppData\Local\Temp\cpuz140\cpuz140_x32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-06-16 89856]
R3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service;c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe [2015-02-27 1378576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 eapihdrv;eapihdrv;c:\users\Pat\AppData\Local\Temp\ehdrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-11-12 102912]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-01-19 272136]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2014-06-16 136904]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2014-06-16 17864]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2014-06-16 153672]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 184192]
R3 tapexpressvpn;ExpressVPN Tap Adapter;c:\windows\system32\DRIVERS\tapexpressvpn.sys [2016-12-15 23040]
R3 TrueKeyServiceHelper;TrueKeyServiceHelper;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-06 73968]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-10-15 1343400]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae.sys [2017-01-20 59976]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-01-19 2227312]
S2 ClickToRunSvc;Klik-en-klaar-service van Microsoft Office;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-12-28 2541248]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ExpressVpnService;ExpressVpn Service;c:\program files\ExpressVPN\bootstrap\x86\nssm.exe [2016-12-15 294912]
S2 Foundry License Server;Foundry License Server;c:\program files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [2015-04-17 1474560]
S2 MBAMChameleon;MBAMChameleon;c:\windows\system32\drivers\MBAMChameleon.sys [2017-02-23 152512]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 3303888]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2014-07-14 786256]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:\postgresql\bin\pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w [x]
S2 TrueKey;Intel Security True Key;c:\program files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-06 997360]
S2 TrueKeyScheduler;Intel Security True Key Scheduler;c:\program files\TrueKey\McTkSchedulerService.exe [2017-02-06 17304]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtultrascsibus.sys [2015-04-27 25104]
S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 MBAMFarflt;MBAMFarflt;c:\windows\system32\drivers\farflt.sys [2017-02-23 94656]
S3 MBAMProtection;MBAMProtection;c:\windows\system32\drivers\mbam.sys [2017-02-23 39360]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2017-02-23 219584]
S3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-02-07 14:30 1368920 ----a-w- c:\program files\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{AC76BA86-0000-0000-7760-7E8A45000000}]
2016-12-23 18:11 387152 ----a-w- c:\program files\Adobe\Acrobat DC\Esl\Aiod.dll
.
Inhoud van de 'Gedeelde Taken' map
.
2017-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 10:24]
.
.
------- Bijkomende Scan -------
.
uStart Page = https://www.google.com/?trackid=sp-006
mStart Page = https://www.google.com/?trackid=sp-006
mSearch Bar = https://www.google.com/?trackid=sp-006
uInternet Settings,ProxyServer = 127.0.0.1:8118
IE: &Webpagina converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
IE: Doel van &koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Webpagina toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
TCP: DhcpNameServer = 195.130.131.5 195.130.130.5
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649\
.
- - - - ORPHANS VERWIJDERD - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE - c:\americascardroom\Uninstall.exe
AddRemove-FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82 - c:\blackchippoker\Uninstall.exe
AddRemove-Forex Lines 7 + Forex Lines EA - c:\program files\Traders Way MetaTrader 4\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\postgresql-8.4]
"ImagePath"="\"c:\postgresql\bin\pg_ctl.exe\" runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
c:\postgresql\bin\pg_ctl.exe
c:\windows\system32\conhost.exe
c:\program files\ExpressVPN\xvpnd\xvpnd.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\postgresql\bin\postgres.exe
c:\windows\system32\conhost.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
.
**************************************************************************
.
Voltooingstijd: 2017-02-23 19:26:17 - machine werd herstart
ComboFix-quarantined-files.txt 2017-02-23 18:26
ComboFix2.txt 2016-01-04 21:58
.
Pre-Run: 69,702,979,584 bytes beschikbaar
Post-Run: 69,644,619,776 bytes beschikbaar
.
- - End Of File - - 9E4052DD24E27B4655B83CCBB3F1C192
A36C5E4F47E84449FF07ED3517B43A31
 
First go to Start > Control Panel > Programs and Features and uninstall
Apple's QuickTime there - this software has not been supported by Apple for more than a year.
Then restart the computer.


Open a new Notepad file via "Start\All Programs\Accessories\Notepad".

Copy and paste the following (the blue text in the code window) into the empty Notepad window.


Code:
ClearJavaCache::

File::


Folder::
c:\users\Pat\AppData\Local\BITE9B2.tmp
c:\program files\GUT1CFF.tmp

Save this Notepad file to your desktop as CFScript.txt.

Now first disable the antivirus and any spyware scanners!
Also make sure that all other open windows are closed, including the web browser.


Drag CFScript.txt onto ComboFix.exe


This will make ComboFix restart. Reboot if you are asked to.


Post the ComboFix log that is shown after the restart via the colour coder!
If ComboFix restarted your computer (or you did so yourself), you will also find the log in C:\Combofix.txt

Important note:
  • If, after the scan, an error with the following message is shown when starting programs:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.
 
I had put the script into ComboFix, and before ComboFix had started I got a blue screen with an error and something like kernel date; is that a crash dump.. and the computer restarted..

Below is the log after I put the script into ComboFix again.


ComboFix 17-02-24.01 - Pat 02/24/2017 9:12.4.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.3067.1664 [GMT 1:00]
Gestart vanuit: c:\users\Pat\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Pat\Desktop\CFScript.txt
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2017-01-24 to 2017-02-24 ))))))))))))))))))))))))))))))
.
.
2017-02-23 15:30 . 2017-02-24 08:19 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F4DB87E-3C7E-4DBF-A1A5-5EBAD4B81ED9}\offreg.dll
2017-02-22 08:13 . 2017-02-23 15:49 152512 ----a-w- c:\windows\system32\drivers\MBAMChameleon.sys
2017-02-22 08:12 . 2017-02-24 07:56 94656 ----a-w- c:\windows\system32\drivers\farflt.sys
2017-02-22 08:12 . 2017-02-22 18:25 63264 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-02-22 08:12 . 2017-02-24 07:56 39360 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-02-22 08:11 . 2017-02-24 07:56 219584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-02-22 08:11 . 2017-01-20 06:47 59976 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-02-22 08:10 . 2017-02-22 08:10 -------- d-----w- c:\program files\Malwarebytes
2017-02-21 10:28 . 2017-02-21 10:29 -------- d-----w- c:\program files\Speccy
2017-02-21 08:39 . 2017-02-21 08:39 -------- d-----w- c:\program files\Common Files\Skype
2017-02-21 08:39 . 2017-02-21 08:39 -------- d-----r- c:\program files\Skype
2017-02-20 09:18 . 2017-02-20 09:18 -------- d-----w- c:\users\Pat\AppData\Roaming\ROBBIE'S REVERSALS
2017-02-16 10:22 . 2017-02-16 10:22 -------- d-----w- c:\program files\NeuralBet
2017-02-16 00:01 . 2017-02-16 00:01 -------- d-----w- c:\program files\HTID
2017-02-15 10:24 . 2017-02-15 10:24 20359768 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-02-20 12:41 . 2015-10-27 13:37 593920 ----a-w- c:\windows\Metasetup.dll
2017-02-15 10:24 . 2014-09-09 21:46 802904 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-02-15 10:24 . 2013-11-29 19:37 144472 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2017-01-10 22:48 . 2012-07-17 13:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2017-01-06 11:44 . 2017-01-06 11:44 0 ---ha-w- c:\users\Pat\AppData\Local\BITE9B2.tmp
2017-01-05 17:46 . 2017-01-11 10:47 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-05 17:46 . 2017-01-11 10:47 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-01-05 17:43 . 2017-01-11 10:47 172032 ----a-w- c:\windows\system32\wdigest.dll
2017-01-05 17:43 . 2017-01-11 10:47 99840 ----a-w- c:\windows\system32\sspicli.dll
2017-01-05 17:43 . 2017-01-11 10:47 65536 ----a-w- c:\windows\system32\TSpkg.dll
2017-01-05 17:43 . 2017-01-11 10:47 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2017-01-05 17:43 . 2017-01-11 10:47 254464 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 17:43 . 2017-01-11 10:47 22016 ----a-w- c:\windows\system32\secur32.dll
2017-01-05 17:43 . 2017-01-11 10:47 141312 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 10:47 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-01-05 17:43 . 2017-01-11 10:47 261120 ----a-w- c:\windows\system32\msv1_0.dll
2017-01-05 17:43 . 2017-01-11 10:47 223232 ----a-w- c:\windows\system32\ncrypt.dll
2017-01-05 17:43 . 2017-01-11 10:47 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-01-05 17:43 . 2017-01-11 10:47 1062912 ----a-w- c:\windows\system32\lsasrv.dll
2017-01-05 17:43 . 2017-01-11 10:47 553472 ----a-w- c:\windows\system32\kerberos.dll
2017-01-05 17:43 . 2017-01-11 10:47 17408 ----a-w- c:\windows\system32\credssp.dll
2017-01-05 17:43 . 2017-01-11 10:47 82432 ----a-w- c:\windows\system32\bcrypt.dll
2017-01-05 17:42 . 2017-01-11 10:47 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-01-05 17:23 . 2017-01-11 10:47 50176 ----a-w- c:\windows\system32\auditpol.exe
2017-01-05 17:19 . 2017-01-11 10:47 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2017-01-05 17:19 . 2017-01-11 10:47 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2017-01-05 17:19 . 2017-01-11 10:47 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2017-01-05 17:19 . 2017-01-11 10:47 36352 ----a-w- c:\windows\system32\cryptbase.dll
2017-01-05 17:19 . 2017-01-11 10:47 22016 ----a-w- c:\windows\system32\lsass.exe
2017-01-05 17:19 . 2017-01-11 10:47 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-12-28 22:58 . 2016-12-23 23:35 2984128 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-12-15 09:45 . 2016-12-15 09:45 23040 ----a-w- c:\windows\system32\drivers\tapexpressvpn.sys
2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-03-19 18:35 . 2016-03-19 18:35 6871040 ----a-w- c:\program files\GUT1CFF.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-09-26 13:40 1029280 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-09-26 13:40 1029280 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-09-26 13:40 1029280 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-12-24 00:15 1602248 ----a-w- c:\users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-12-30 578560]
"DAEMON Tools Ultra Agent"="c:\program files\DAEMON Tools Ultra\DTAgent.exe" [2015-02-27 3731728]
"Gyazo"="c:\program files\Gyazo\GyStation.exe" [2017-02-03 5077792]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-07-17 6453528]
"SmileboxTray"="c:\users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe" [2017-01-30 350152]
"ExpressVPN4"="c:\program files\ExpressVPN\xvpn-ui\ExpressVpn.exe" [2016-12-15 807928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"FAHConsole"="c:\program files\File Association Helper\FAHConsole.exe" [2014-01-28 616632]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-07-01 508128]
"Adobe Creative Cloud"="c:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-10-15 2694320]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2015-04-08 448520]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [2016-12-23 1870928]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2016-10-02 406664]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Malwarebytes TrayApp"="c:\program files\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [2017-01-20 2780112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.500\SSScheduler.exe [2017-1-19 342792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\TrueKey\McAfeeTrueKeyPasswordFilter
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 Foundry FLEXlm Server;Foundry FLEXlm Server;c:\program files\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [2012-10-30 1392016]
R2 InstallerService;Service Installer TrueKey;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe [x]
R2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 3303888]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2017-01-16 317400]
R3 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [x]
R3 cpuz140;cpuz140;c:\users\Pat\AppData\Local\Temp\cpuz140\cpuz140_x32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-06-16 89856]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 eapihdrv;eapihdrv;c:\users\Pat\AppData\Local\Temp\ehdrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-11-12 102912]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-01-19 272136]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2014-06-16 136904]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2014-06-16 17864]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2014-06-16 153672]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 184192]
R3 tapexpressvpn;ExpressVPN Tap Adapter;c:\windows\system32\DRIVERS\tapexpressvpn.sys [2016-12-15 23040]
R3 TrueKeyServiceHelper;TrueKeyServiceHelper;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-06 73968]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-10-15 1343400]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-01-19 2227312]
S2 ClickToRunSvc;Klik-en-klaar-service van Microsoft Office;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-12-28 2541248]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ExpressVpnService;ExpressVpn Service;c:\program files\ExpressVPN\bootstrap\x86\nssm.exe [2016-12-15 294912]
S2 Foundry License Server;Foundry License Server;c:\program files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [2015-04-17 1474560]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2014-07-14 786256]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:\postgresql\bin\pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w [x]
S2 TrueKey;Intel Security True Key;c:\program files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-06 997360]
S2 TrueKeyScheduler;Intel Security True Key Scheduler;c:\program files\TrueKey\McTkSchedulerService.exe [2017-02-06 17304]
S3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service;c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe [2015-02-27 1378576]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtultrascsibus.sys [2015-04-27 25104]
S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - ESProtectionDriver
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-02-07 14:30 1368920 ----a-w- c:\program files\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{AC76BA86-0000-0000-7760-7E8A45000000}]
2016-12-23 18:11 387152 ----a-w- c:\program files\Adobe\Acrobat DC\Esl\Aiod.dll
.
Inhoud van de 'Gedeelde Taken' map
.
2017-02-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 10:24]
.
.
------- Bijkomende Scan -------
.
uStart Page = https://www.google.com/?trackid=sp-006
mStart Page = https://www.google.com/?trackid=sp-006
mSearch Bar = https://www.google.com/?trackid=sp-006
uInternet Settings,ProxyServer = 127.0.0.1:8118
IE: &Webpagina converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
IE: Doel van &koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Webpagina toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
TCP: DhcpNameServer = 195.130.131.5 195.130.130.5
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649\
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\postgresql-8.4]
"ImagePath"="\"c:\postgresql\bin\pg_ctl.exe\" runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2017-02-24 09:33:17
ComboFix-quarantined-files.txt 2017-02-24 08:33
ComboFix2.txt 2017-02-23 18:26
ComboFix3.txt 2016-01-04 21:58
.
Pre-Run: 69,364,269,056 bytes beschikbaar
Post-Run: 69,336,412,160 bytes beschikbaar
.
- - End Of File - - D0A18ED8DAC2D4E1ACF16D27989FDA9F
A36C5E4F47E84449FF07ED3517B43A31
 
Download the free version of WhoCrashed to the desktop, or move the file there.

WhoCrashed introduction

WhoCrashed description

Download the free home edition of WhoCrashed to your desktop by clicking here
and install the tool by clicking/double-clicking "whocrashedSetup.exe".

After 'WhoCrashed' has started, click the "Analyze" button.

Now select the contents of the window, copy them and post the result in your next post.
 
System Information (local)
--------------------------------------------------------------------------------

Computer name: PAT-PC
Windows version: Windows 7 Service Pack 1, 6.1, build: 7601
Windows dir: C:\Windows
Hardware: Aspire 7738 , Acer , JM70
CPU: GenuineIntel Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 3215814656 bytes total




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Fri 2/24/2017 8:52:24 AM your computer crashed
crash dump file: C:\Windows\Minidump\022417-31871-01.dmp
This was probably caused by the following module: netbt.sys (netbt+0x26BF9)
Bugcheck code: 0x7A (0xFFFFFFFFC047B620, 0xFFFFFFFFC0000185, 0x7CF02860, 0xFFFFFFFF8F6C4BF9)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\drivers\netbt.sys
product: Microsoft Windows Operating System
company: Microsoft Corporation
description: MBT Transport driver
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Fri 2/24/2017 8:52:24 AM your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: netbt.sys (netbt+0x23F49)
Bugcheck code: 0x7A (0xFFFFFFFFC047B620, 0xFFFFFFFFC0000185, 0x7CF02860, 0xFFFFFFFF8F6C4BF9)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\drivers\netbt.sys
product: Microsoft Windows Operating System
company: Microsoft Corporation
description: MBT Transport driver
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Thu 2/23/2017 11:00:32 AM your computer crashed
crash dump file: C:\Windows\Minidump\022317-36363-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xDFC9C)
Bugcheck code: 0x7A (0xFFFFFFFFC0500C58, 0xFFFFFFFFC0000185, 0x6C015820, 0xFFFFFFFFA018BDE4)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft Windows Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Wed 2/22/2017 3:20:19 PM your computer crashed
crash dump file: C:\Windows\Minidump\022217-46223-01.dmp
This was probably caused by the following module: clfs.sys (CLFS+0x2E5F0)
Bugcheck code: 0x7A (0xFFFFFFFFC0486318, 0xFFFFFFFFC0000185, 0x68ABA8C0, 0xFFFFFFFF90C63092)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\clfs.sys
product: Microsoft Windows Operating System
company: Microsoft Corporation
description: Common Log File System Driver
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Wed 2/22/2017 2:45:59 PM your computer crashed
crash dump file: C:\Windows\Minidump\022217-35396-01.dmp
This was probably caused by the following module: ataport.sys (ataport+0x189CE)
Bugcheck code: 0x7A (0xFFFFFFFFC0458F90, 0xFFFFFFFFC0000185, 0x74C52860, 0xFFFFFFFF8B1F29CE)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\drivers\ataport.sys
product: Microsoft Windows Operating System
company: Microsoft Corporation
description: ATAPI Driver Extension
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.





--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

6 crash dumps have been found and analyzed. Only 5 are included in this report. No offending third party drivers have been found. Connsider using WhoCrashed Professional which offers more detailed analysis using symbol resolution. Also configuring your system to produce a full memory dump may help you.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
 
Hi, I would now like you to run a disk check.

To do so, open Computer and then bring up the Properties of --> "C".
Now click the Tools tab

Then click the Check now button in the section that reads "This option will check the drive for errors".

In the new window, make sure both options are ticked.
You will then get the message that Windows has to restart for that action.

Do so.

This way the system disk is checked not only for cluster errors but also for file system errors, which are then repaired.

Depending on the size of Windows and the size of the disks, this scan can take some time!
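
Added example (not part of the original thread and not WhoCrashed's own code): a Python parser for the WhoCrashed report posted above. It shows that the different "probably caused by" modules all share one bug check parameter, the I/O status 0xC0000185, which is what points at the disk rather than at a driver and fits the disk check requested here. The function names and the status table (taken from Microsoft's bug check 0x7A documentation) are assumptions of this example; the sample is an excerpt of the report in this thread.

```python
import re
from collections import Counter

# Parameter 2 of bug check 0x7A is the NTSTATUS of the failed paging read.
# Names follow Microsoft's bug check 0x7A reference; the comments give the usual cause.
INPAGE_STATUS = {
    0xC000000E: "STATUS_NO_SUCH_DEVICE",          # hardware failure or wrong drive configuration
    0xC000009A: "STATUS_INSUFFICIENT_RESOURCES",  # lack of nonpaged pool
    0xC000009C: "STATUS_DEVICE_DATA_ERROR",       # bad blocks on the disk
    0xC000009D: "STATUS_DEVICE_NOT_CONNECTED",    # loose cabling, controller cannot see the disk
    0xC000016A: "STATUS_DISK_OPERATION_FAILED",   # bad blocks on the disk
    0xC0000185: "STATUS_IO_DEVICE_ERROR",         # I/O error: cabling, termination, controller
}
NOT_STORAGE = {0xC000009A}  # the one status above that is not a storage fault

CRASH_RE = re.compile(
    r"On \w{3} (?P<when>\S+ \S+ [AP]M) your computer crashed\s*\n"
    r"crash dump file: (?P<dump>.+)\n"
    r"This was probably caused by the following module: (?P<module>\S+) \(.*\)\n"
    r"Bugcheck code: (?P<code>0x[0-9A-Fa-f]+) \((?P<params>[^)]*)\)"
)


def parse_report(text):
    """Return one dict per crash entry found in a WhoCrashed text report."""
    crashes = []
    for m in CRASH_RE.finditer(text):
        # 32-bit values are printed sign-extended to 64 bits; keep the low 32.
        params = [int(p, 16) & 0xFFFFFFFF for p in m["params"].split(",") if p.strip()]
        crashes.append({"when": m["when"], "dump": m["dump"].strip(), "module": m["module"],
                        "code": int(m["code"], 16), "params": params})
    return crashes


def unique_events(crashes):
    """Collapse a minidump and memory.dmp entry that describe the same bug check."""
    seen, events = set(), []
    for c in crashes:
        key = (c["when"], c["code"], tuple(c["params"]))
        if key not in seen:
            seen.add(key)
            events.append(c)
    return events


def triage(text):
    """Summarise the report: which modules were blamed, and which I/O status recurs."""
    events = unique_events(parse_report(text))
    inpage = [e for e in events if e["code"] == 0x7A and len(e["params"]) >= 2]
    statuses = Counter(e["params"][1] for e in inpage)
    storage = sum(n for s, n in statuses.items()
                  if s in INPAGE_STATUS and s not in NOT_STORAGE)
    return {
        "events": len(events),
        "inpage_errors": len(inpage),
        "modules": sorted({e["module"] for e in inpage}),
        "statuses": {INPAGE_STATUS.get(s, hex(s)): n for s, n in statuses.items()},
        # Every 0x7A failed with a disk-path status: suspect storage, not the named driver.
        "storage_suspected": bool(inpage) and storage == len(inpage),
    }


# Excerpt of the WhoCrashed report posted in this thread, trimmed to the parsed lines.
SAMPLE = r"""On Fri 2/24/2017 8:52:24 AM your computer crashed
crash dump file: C:\Windows\Minidump\022417-31871-01.dmp
This was probably caused by the following module: netbt.sys (netbt+0x26BF9)
Bugcheck code: 0x7A (0xFFFFFFFFC047B620, 0xFFFFFFFFC0000185, 0x7CF02860, 0xFFFFFFFF8F6C4BF9)
On Fri 2/24/2017 8:52:24 AM your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: netbt.sys (netbt+0x23F49)
Bugcheck code: 0x7A (0xFFFFFFFFC047B620, 0xFFFFFFFFC0000185, 0x7CF02860, 0xFFFFFFFF8F6C4BF9)
On Thu 2/23/2017 11:00:32 AM your computer crashed
crash dump file: C:\Windows\Minidump\022317-36363-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xDFC9C)
Bugcheck code: 0x7A (0xFFFFFFFFC0500C58, 0xFFFFFFFFC0000185, 0x6C015820, 0xFFFFFFFFA018BDE4)
On Wed 2/22/2017 2:45:59 PM your computer crashed
crash dump file: C:\Windows\Minidump\022217-35396-01.dmp
This was probably caused by the following module: ataport.sys (ataport+0x189CE)
Bugcheck code: 0x7A (0xFFFFFFFFC0458F90, 0xFFFFFFFFC0000185, 0x74C52860, 0xFFFFFFFF8B1F29CE)
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The minidump and memory.dmp entries for the same crash are counted once, so the module tally is not skewed by duplicate dumps.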
 