
Virus, no administrator rights any more, no write access on two partitions


  • Virus, no administrator rights any more, no write access on two partitions

    A few days ago Sophos reported that there was a virus (I believe something like Mal/Generic-s, or similar). Then removed it with the Sophos clean-up.

    Now I notice that a few things have changed on the PC. I log in as usual, but suddenly no longer have administrator rights. With every action I am now asked whether it is allowed.
    I have not changed anything myself regarding rights.


    I also have three partitions. I can write to the C:\ drive. The other two I can only read.

    Finally, I have the impression that IE has become much slower.

    Thanks in advance for taking a look...


    Used CCleaner.

    Then defogger

    MBaM (log attached)

    dds (log attached)

    GMER: (log attached)
    Attached files

  • #2
    Hi pickleman and welcome to the Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:

    • Only log in as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not polite towards the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions that I give.
    • Only follow the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • Do not try something "else" in the meantime; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs.
    • Please do not post the logs as attachments or between code tags.

    Note: Vista or Windows 7? >> Always run all tools as admin.
    The instructions given are valid only for your PC.


    Originally posted by pickleman
    Now I notice that a few things have changed on the PC. I log in as usual, but suddenly no longer have administrator rights. With every action I am now asked whether it is allowed.
    I have not changed anything myself regarding rights.
    Sophos has probably switched your UAC back on. Which actually is not a bad thing.
    More info about UAC: http://windows.microsoft.com/nl-be/w...trol-on-or-off




    Step 1:

    Scanning for and removing malware....


    Download MalwareBytes' Anti-Malware to your desktop from one of the following links: Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure you get a screen where you have to click "Finish".
    If you do not wish to evaluate MBAM, untick the first option and only then click "Finish".

    Make sure that after the installation there is a tick next to:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Finish". If an update is found, it will be downloaded and installed.



    As soon as the program has started, go to the "Settings" tab.
    • Tick here: "Close Internet Explorer during removal of malware".
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL scan" here.
    • Then press "Scan" to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan has finished, click OK, then "Show Results" to see the results.
    • Make sure that everything is ticked there, then click: "Remove Selected".
      If there are many items, you can right-click in the window and choose "select all items".
    • After the removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, then do so.
    Once you have done the restart, run a new quick scan with MBAM.
    In that case you therefore post the two logs.

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.


    In case of problems!!!

    ___________________________________________________________

    Step 2:

    Checking for bad toolbars...

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan
    • Click Clean

    All icons disappear from the desktop; this is normal.
    Your PC is restarted and a log file opens (C:\AdwCleaner[xx].txt); post its contents here on the forum.

    I only need the log made after the "clean" option.

    Do not forget to switch off your "smileys".

    If your start page was also hijacked, set the search engine again; AdwCleaner resets it to Google.com by default.

    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If running scripts is disabled, enable it again so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files to your desktop.

    Post the contents of DDS.txt.

    You do not have to post the contents of Attach.txt, and you do not have to add Attach.txt to your post as an attachment, unless I ask for it.

    ___________________________________________________________

    Step 4:

    Checking for updates...

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears (checkup.txt)
    Put its contents in your next reply.

    In your next post I would like to see the following logs, made in the order listed:

    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    Please do NOT post these logs as attachments or between code tags.
    (In several posts if necessary.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek

    Comment


    • #3
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2013.10.17.07

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Peter :: PETER-PC [standaardgebruiker]

      17-10-2013 22:15:44
      mbam-log-2013-10-17 (22-15-44).txt

      Scan type: Volledige scan (C:\|E:\|L:\|Q:\|)
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 561684
      Verstreken tijd: 1 uur/uren, 50 minuut/minuten,

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)

      Comment


      • #4
        When shutting down the PC it took a very long time before it shut down... in the end that happened with a crash, a blue screen with prehistoric typefaces...

        AdwCleaner[SO].txt:

        # AdwCleaner v3.008 - Report created 18/10/2013 at 00:27:27
        # Updated 17/10/2013 by Xplode
        # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
        # Username : Peter - PETER-PC
        # Running from : C:\Users\Peter\Desktop\AdwCleaner.exe
        # Option : Clean

        ***** [ Services ] *****


        ***** [ Files / Folders ] *****

        Folder Deleted : C:\ProgramData\Babylon
        Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
        Folder Deleted : C:\Program Files (x86)\Ilivid
        Folder Deleted : C:\Program Files (x86)\mixidj
        Folder Deleted : C:\Program Files (x86)\myfree codec
        Folder Deleted : C:\Program Files (x86)\Softonic
        Folder Deleted : C:\Users\Peter\AppData\Local\Conduit
        Folder Deleted : C:\Users\Peter\AppData\Local\Ilivid Player
        Folder Deleted : C:\Users\Peter\AppData\Local\PackageAware
        Folder Deleted : C:\Users\Peter\AppData\LocalLow\Conduit
        Folder Deleted : C:\Users\Peter\AppData\LocalLow\Softonic
        Folder Deleted : C:\Users\Peter\AppData\Roaming\Softonic
        Folder Deleted : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\Extensions\[email protected] c.com
        Folder Deleted : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
        File Deleted : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\invalidprefs.js
        File Deleted : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\searchplugins\mixidj.xml
        File Deleted : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\searchplugins\softonic.xml
        File Deleted : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\user.js

        ***** [ Shortcuts ] *****


        ***** [ Registry ] *****

        Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
        Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
        Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
        Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
        Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
        Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
        Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
        Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
        Key Deleted : HKLM\SOFTWARE\Classes\S
        Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
        Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
        Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
        Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_auto-gordian-knot_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_auto-gordian-knot_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_avidemux_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_avidemux_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_media-player-codec-pack_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_media-player-codec-pack_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_virtualdub_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_virtualdub_RASMANCS
        Key Deleted : HKCU\Software\BabSolution
        Key Deleted : HKCU\Software\Conduit
        Key Deleted : HKCU\Software\ilivid
        Key Deleted : HKCU\Software\mixidj
        Key Deleted : HKCU\Software\Softonic
        Key Deleted : HKCU\Software\YahooPartnerToolbar
        Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
        Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
        Key Deleted : HKLM\Software\Babylon
        Key Deleted : HKLM\Software\Conduit
        Key Deleted : HKLM\Software\mixidj
        Key Deleted : HKLM\Software\Softonic
        Key Deleted : HKLM\Software\TENCENT
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
        Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
        Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll
        Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll

        ***** [ Browsers ] *****

        -\\ Internet Explorer v9.0.8112.16514

        Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

        -\\ Mozilla Firefox v24.0 (nl)

        [ File : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\prefs.js ]

        Line Deleted : user_pref("browser.search.defaultenginename", "Search the web (Softonic)");
        Line Deleted : user_pref("browser.search.order.1", "Search the web (Softonic)");
        Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Softonic)");
        Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.softonic.com/MOY00361/tb_v1?SearchSource=13&cc=&mi=2aa280b10000000000006c626da95422");
        Line Deleted : user_pref("extensions.Softonic.admin", false);
        Line Deleted : user_pref("extensions.Softonic.aflt", "OC");
        Line Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
        Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
        Line Deleted : user_pref("extensions.Softonic.cntry", "NL");
        Line Deleted : user_pref("extensions.Softonic.dfltLng", "nl");
        Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
        Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
        Line Deleted : user_pref("extensions.Softonic.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,304 6281807,752626116,1657571787,3224935090,2597085128,182856413
        Line Deleted : user_pref("extensions.Softonic.dspFFXOld", "");
        Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
        Line Deleted : user_pref("extensions.Softonic.ffxUnstlRst", false);
        Line Deleted : user_pref("extensions.Softonic.hdrMd5", "8065F57B13969E3BDCED0061453EAFE7");
        Line Deleted : user_pref("extensions.Softonic.hmpg", true);
        Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00361/tb_v1?SearchSource=13&cc=&mi=2aa280b10000000000006c626da95422");
        Line Deleted : user_pref("extensions.Softonic.hpFFXOld", "chrome://branding/locale/browserconfig.properties");
        Line Deleted : user_pref("extensions.Softonic.id", "2aa280b10000000000006c626da95422");
        Line Deleted : user_pref("extensions.Softonic.instlDay", "15939");
        Line Deleted : user_pref("extensions.Softonic.instlRef", "MOY00361");
        Line Deleted : user_pref("extensions.Softonic.lastB", "chrome://branding/locale/browserconfig.properties");
        Line Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.8.21.1423:29:44");
        Line Deleted : user_pref("extensions.Softonic.newTab", true);
        Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00361/tb_v1/?SearchSource=15&cc=&mi=2aa280b10000000000006c626da95422");
        Line Deleted : user_pref("extensions.Softonic.pnu_2013desingbrand", "{\"newVrsn\":\"32\",\"lastVrsn\":\"32\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"tr ue\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
        Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
        Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
        Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
        Line Deleted : user_pref("extensions.Softonic.sg", "none");
        Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
        Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
        Line Deleted : user_pref("extensions.Softonic.tlbrId", "2013desingbrand");
        Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00361/tb_v1?SearchSource=1&cc=&mi=2aa280b10000000000006c626da95422&q=");
        Line Deleted : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
        Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1423:29:44");
        Line Deleted : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
        Line Deleted : user_pref("[email protected]", true);
        Line Deleted : user_pref("extensions.enabledAddons", "testpilot%40labs.mozilla.com:1.2.2,%7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4,%7B848DC626-5EC9-4D09-A19F-E7F708EE2475%7D:2.3,ffxtlbra%40softonic.com:1.6.0,
        Line Deleted : user_pref("[email protected]", true);

        -\\ Google Chrome v30.0.1599.69

        [ File : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\preferences ]

        Deleted : homepage
        Deleted : search_url
        Deleted : keyword
        Deleted : urls_to_restore_on_startup

        *************************

        AdwCleaner[R0].txt - [20402 octets] - [18/10/2013 00:23:50]
        AdwCleaner[R1].txt - [20463 octets] - [18/10/2013 00:25:41]
        AdwCleaner[S0].txt - [20226 octets] - [18/10/2013 00:27:27]

        ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20287 octets] ##########
        Last edited by pickleman; 18-10-13, 00:03. Reason: smileys....

        Comment
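As an added example (not part of the thread and not AdwCleaner's own code), the Python below triages a report in the layout posted above: it counts removed items per section and flags the ones that were automatic load points or browser redirects, such as the `AppInit_DLLs` entries. The function names are this example's own, the sample is a constructed excerpt using paths and key names from the report, and the all-zero GUID is a placeholder.

```python
import re
from collections import Counter

# Constructed sample in the layout of the AdwCleaner v3 "Clean" report above.
# Paths and key names are copied from that report; the all-zero GUID is a
# placeholder, not a real class ID.
SAMPLE_LOG = r"""# AdwCleaner v3.008 - Report created 18/10/2013 at 00:27:27
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
File Deleted : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\user.js

***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000000}
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll

***** [ Browsers ] *****

-\\ Mozilla Firefox v24.0 (nl)

[ File : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Softonic)");
"""

# "***** [ Registry ] *****" style section banners.
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
# "Key Deleted : [x64] HKLM\..." entries; the Chrome block uses a bare
# "Deleted : homepage", so the leading kind is optional.
ENTRY_RE = re.compile(
    r"^(?:(Folder|File|Key|Value|Data|Line) )?Deleted : (\[x64\] )?(.+)$")

# Locations that load code automatically or redirect the browser.
# Matching is by substring of the lower-cased removed target.
LOAD_POINTS = (
    # DLLs listed here are loaded into every process that loads user32.dll.
    ("AppInit_DLLs", r"\windows nt\currentversion\windows [appinit_dlls]"),
    # COM objects Internet Explorer loads at start-up.
    ("Browser Helper Object", r"\explorer\browser helper objects"),
    ("URLSearchHooks", r"\internet explorer\urlsearchhooks"),
    ("Firefox search setting", 'user_pref("browser.search.'),
    ("Firefox homepage setting", 'user_pref("browser.startup.homepage"'),
)


def parse_report(text):
    """Return one dict per removed item: section, kind, x64 flag, target."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            section = banner.group(1)
            continue
        item = ENTRY_RE.match(line)
        if item:
            entries.append({
                "section": section,
                "kind": item.group(1) or "Setting",
                "x64": bool(item.group(2)),
                "target": item.group(3),
            })
    return entries


def classify(entry):
    """Return the load-point label for an entry, or None for plain leftovers."""
    target = entry["target"].lower()
    for label, needle in LOAD_POINTS:
        if needle in target:
            return label
    return None


def triage(text):
    """Return (items per section, [(label, entry), ...] for flagged items)."""
    entries = parse_report(text)
    per_section = Counter(e["section"] for e in entries)
    flagged = [(classify(e), e) for e in entries if classify(e)]
    return per_section, flagged


if __name__ == "__main__":
    counts, hits = triage(SAMPLE_LOG)
    for name, n in counts.items():
        print(f"{name}: {n} item(s) removed")
    for label, entry in hits:
        print(f"[{label}] {entry['kind']}: {entry['target']}")
```

Run against the full report file, the flagged list is the part worth re-checking after the reboot, since those entries are what made the removed software start with Windows or the browser.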


        • #5
          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 1.6.0_39
          Run by Peter at 0:46:00 on 2013-10-18
          Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.4117 [GMT 2:00]
          .
          AV: Sophos Anti-Virus *Disabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
          SP: Sophos Anti-Virus *Disabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
          SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          .
          ============== Running Processes ===============
          .
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          svchost.exe
          C:\Windows\system32\SearchFilterHost.exe
          svchost.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.startpagina.nl/
          uSearch Page = hxxp://www.google.com
          mStart Page = hxxp://www.google.com
          mSearch Page = hxxp://www.google.com
          mWinlogon: Userinit = userinit.exe,
          BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
          BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
          BHO: Sophos Web Content Scanner: {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
          BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
          BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
          BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
          TB: AFAS Personal Bijwerk Assistent: {0DFC36E8-EAE8-484F-A89C-F565849A210F} -
          TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
          uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
          uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
          uRun: [AdobeBridge] <no file>
          mRun: [Kerio VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
          mRun: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
          mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
          mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
          mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
          mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
          mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
          mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
          mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
          mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
          mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
          mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
          mRunOnce: [Launcher] C:\Program Files (x86)\SMINST\Launcher.exe
          StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EZVHSC~1.LNK - C:\Program Files (x86)\ION\EZ Video Converter\MediaTVMonitor.exe
          uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableLUA = dword:0
          mPolicies-System: EnableUIADesktopToggle = dword:0
          mPolicies-System: PromptOnSecureDesktop = dword:0
          mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
          IE: Converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
          IE: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
          IE: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
          IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
          IE: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
          LSP: C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll
          DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
          DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab
          DPF: {28B66320-9687-4B13-8757-36F901887AB5} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab
          DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
          DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
          DPF: {B7915D9F-6057-4153-BE1B-8E234BD66980} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.23/ImageUploader7.cab
          DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
          DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
          DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
          DPF: {E7637F18-B2C8-43E4-BCFE-BC3437DF469F} - hxxps://s.userzoom.com/s/UserZoom.cab
          TCP: NameServer = 192.168.1.1 212.61.15.8 212.61.25.226
          TCP: Interfaces\{49171518-154B-4B7C-B537-6C9FA73B93A7} : DHCPNameServer = 192.168.1.1 212.61.15.8 212.61.25.226
          Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
          Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          AppInit_DLLs= c:\progra~2\sophos\sophos~1\sophos~1.dll
          SSODL: WebCheck - <orphaned>
          SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
          x64-BHO: Sophos Web Content Scanner: {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
          x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
          x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
          x64-Run: [PrintDisp] C:\Windows\System32\PrintDisp.exe
          x64-Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe
          x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
          x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
          x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
          x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-SSODL: WebCheck - <orphaned>
          .
          ================= FIREFOX ===================
          .
          FF - ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\
          FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
          FF - plugin: C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll
          FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
          FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
          FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
          FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
          FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
          FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
          FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
          FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
          FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
          FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
          FF - plugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
          FF - plugin: C:\Windows\System32\TVUAx\npTVUAx.dll
          FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
          FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
          FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
          FF - ExtSQL: 2013-08-22 23:29; [email protected]; C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
          FF - ExtSQL: 2013-08-25 23:43; [email protected]; C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\extensions\[email protected] c.com
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-21 54480]
          R1 SAVOnAccess;SAVOnAccess;C:\Windows\System32\drivers\savonaccess.sys [2011-1-5 142328]
          R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
          R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
          R2 KVPNCSvc;Kerio VPN Client Service;C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2010-3-2 972648]
          R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
          R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
          R2 Printer Control;Printer Control;C:\Windows\System32\PrintCtrl.exe [2012-8-25 65536]
          R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2010-10-8 163056]
          R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2010-6-14 97520]
          R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
          R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
          R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2012-4-11 232472]
          R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-9-12 414496]
          R2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-2-21 1543704]
          R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;C:\Windows\System32\drivers\aabed2.sys [2008-3-20 28672]
          R3 kvnet;Kerio Virtual Network Adapter;C:\Windows\System32\drivers\kvnet.sys [2009-3-23 30208]
          R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
          R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
          R3 LVUVC64;Logitech QuickCam E3500(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2009-10-7 6379288]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
          R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
          R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
          R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
          R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
          R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
          S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
          S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]
          S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
          S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-2-21 1038088]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-27 19456]
          S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
          S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-27 57856]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-11 1255736]
          S4 SophosBootDriver;SophosBootDriver;C:\Windows\System32\drivers\SophosBootDriver.sys [2011-1-5 25608]
          .
          =============== File Associations ===============
          .
          FileExt: .vbe: VBEFile=C:\Windows\SysWow64\CScript.exe "%1" %*
          FileExt: .vbs: VBSFile=C:\Windows\SysWow64\CScript.exe "%1" %*
          FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
          FileExt: .jse: JSEFile=C:\Windows\SysWow64\CScript.exe "%1" %*
          FileExt: .wsf: WSFFile=C:\Windows\SysWow64\CScript.exe "%1" %*
          ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
          .
          =============== Created Last 30 ================
          .
          2013-10-17 22:23:43 -------- d-----w- C:\AdwCleaner
          2013-10-17 15:37:36 -------- d-----w- C:\Program Files\CCleaner
          2013-10-17 15:20:40 -------- d-----w- C:\Users\Peter\AppData\Local\{8CD64109-A195-43FF-A365-135D85ED4F91}
          2013-10-16 19:48:17 -------- d-----w- C:\Users\Peter\AppData\Local\{CEB70707-0AD5-48C3-AA81-5A9603798270}
          2013-10-16 01:05:33 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6BE1F204-B3E3-424D-B5C2-6613AAA7B661}\mpengine.dll
          2013-10-15 16:42:32 -------- d-----w- C:\Users\Peter\AppData\Local\{E3FC2666-161D-4021-8EFB-CB7E055D38B6}
          2013-10-14 16:50:39 -------- d-----w- C:\Users\Peter\AppData\Local\{3261A488-06ED-4892-B3E2-86E2D26B4B8C}
          2013-10-12 20:41:49 -------- d-----w- C:\Users\Peter\AppData\Local\{519B70C7-5F9C-415D-B0AC-FF09682D1B55}
          2013-10-11 17:51:57 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
          2013-10-11 17:51:57 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
          2013-10-11 17:51:57 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
          2013-10-11 17:51:57 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
          2013-10-11 17:51:57 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
          2013-10-11 17:51:57 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
          2013-10-11 17:51:57 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
          2013-10-11 16:06:53 -------- d-----w- C:\Users\Peter\AppData\Local\{5D6D0501-7CEA-4583-B191-9FBDAABC4C49}
          2013-10-10 22:32:30 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
          2013-10-10 20:54:35 -------- d-----w- C:\ProgramData\82402111-85d1-4981-be99-64a0481354b3
          2013-10-10 18:14:28 -------- d-----w- C:\Users\Peter\AppData\Local\{0E2C3B2F-9EF3-45BD-A347-C6E16BF0450D}
          2013-10-09 16:05:07 -------- d-----w- C:\Users\Peter\AppData\Local\{2AAD3F4D-928D-44CF-A651-70E0FF65FF7F}
          2013-10-08 23:20:04 -------- d-----w- C:\ProgramData\1dc666d8-9d14-4918-bf11-f9822a2eeb60
          2013-10-08 23:19:40 -------- d-----w- C:\ProgramData\506
          2013-10-07 16:00:49 -------- d-----w- C:\Users\Peter\AppData\Local\{F2546085-4092-40FE-AFC4-4486EE31375A}
          2013-10-02 17:16:50 -------- d-----w- C:\Users\Peter\AppData\Local\{39777D86-15F0-4A0C-9256-68F979605F89}
          2013-10-01 16:44:42 -------- d-----w- C:\Users\Peter\AppData\Local\{7681E216-F929-41A2-A3F6-927D35AA83AF}
          2013-09-30 17:12:25 -------- d-----w- C:\Users\Peter\AppData\Local\{A6793C54-C55A-4BC7-ADB8-4574AA05F8E4}
          2013-09-26 17:41:47 -------- d-----w- C:\Users\Peter\AppData\Local\{FE54CB4C-485D-427E-8913-FFA4DA2FD460}
          2013-09-22 13:39:58 -------- d-----w- C:\Users\Peter\AppData\Local\{9A6ED064-9295-41DB-BF2E-9F552D47AF82}
          2013-09-21 18:37:49 -------- d-----w- C:\Users\Peter\AppData\Local\{22A40C57-CA32-4A7C-91A0-A844DDAEE05D}
          2013-09-20 23:51:12 -------- d-----w- C:\Users\Peter\AppData\Local\{0098C998-602A-4168-9362-786D7AB702BD}
          2013-09-19 15:19:35 -------- d-----w- C:\Users\Peter\AppData\Local\{0089E081-3CE0-4CA5-A950-B5C7A05A68F5}
          2013-09-18 15:06:02 -------- d-----w- C:\Users\Peter\AppData\Local\{20974958-B014-46DB-A592-4E1413B1969E}
          .
          ==================== Find3M ====================
          .
          2013-10-08 18:16:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2013-10-08 18:16:18 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2013-09-22 14:42:33 2312704 ----a-w- C:\Windows\System32\jscript9.dll
          2013-09-22 14:33:53 1392128 ----a-w- C:\Windows\System32\wininet.dll
          2013-09-22 14:33:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
          2013-09-22 14:23:30 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
          2013-09-22 14:21:21 599040 ----a-w- C:\Windows\System32\vbscript.dll
          2013-09-22 14:15:47 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
          2013-09-22 10:22:59 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2013-09-22 10:14:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
          2013-09-22 10:13:22 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
          2013-09-22 10:08:41 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
          2013-09-22 10:06:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
          2013-09-22 10:03:18 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
          2013-09-12 07:25:43 6599968 ----a-w- C:\Windows\System32\nvcpl.dll
          2013-09-12 07:25:43 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll
          2013-09-12 07:25:40 920864 ----a-w- C:\Windows\System32\nvvsvc.exe
          2013-09-12 07:25:40 63776 ----a-w- C:\Windows\System32\nvshext.dll
          2013-09-12 07:25:40 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
          2013-09-12 07:25:40 219424 ----a-w- C:\Windows\System32\nvmctray.dll
          2013-09-11 23:17:50 571168 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
          2013-09-11 22:06:31 3361114 ----a-w- C:\Windows\System32\nvcoproc.bin
          2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
          2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
          2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
          2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
          2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
          2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
          2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
          2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
          2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
          2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
          2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
          2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
          2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
          2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
          2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
          2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
          2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
          2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
          2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
          2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
          2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
          2013-08-07 02:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
          2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
          2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
          2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
          2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
          2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
          2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
          2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
          2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
          2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
          2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
          2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
          2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
          2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
          2013-07-20 10:33:12 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
          2013-07-20 10:33:08 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
          .
          ============= FINISH: 0:48:15,17 ===============



          • #6
            Results of screen317's Security Check version 0.99.74
            Windows 7 Service Pack 1 x64 (UAC is disabled!)
            Internet Explorer 10
            ``````````````Antivirus/Firewall Check:``````````````
            Sophos Anti-Virus
            WMI entry may not exist for antivirus; attempting automatic update.
            `````````Anti-malware/Other Utilities Check:`````````
            Java(TM) 6 Update 39
            Java version out of Date!
            Adobe Flash Player 11.9.900.117
            Adobe Reader XI
            Mozilla Firefox (24.0)
            Google Chrome 29.0.1547.76
            Google Chrome 30.0.1599.69
            ````````Process Check: objlist.exe by Laurent````````
            Sophos Sophos Anti-Virus SavService.exe
            Sophos Sophos Anti-Virus SAVAdminService.exe
            Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
            `````````````````System Health check`````````````````
            Total Fragmentation on Drive C: 0%
            ````````````````````End of Log``````````````````````



            • #7
              You may remove the following from your PC: Java(TM) 6 Update 39
              Restart the PC.


              Download or update CCleaner

              Start CCleaner.
              • Run CCleaner and click Options in the left column
              • Select the Advanced tab
              • Untick Only delete files in Windows Temp folders older than 24 hours
              • Untick Only delete files in Recycle Bin older than 24 hours
              • Select the Settings tab
              • Untick "Automatically clean the computer...."
              • Click Cleaner in the left column.
              • Then click Analyze followed by Run Cleaner.
              • Next, click Registry in the left column
              • Click Scan for Issues.
              • If errors are found, click Fix selected issues
              • Here you may be asked whether you want to back up your registry. Answer Yes and OK




              Download TDSSKiller to your desktop.
              Double-click TDSSKiller.exe to start the tool.

              Click the "Start Scan" button and follow the instructions.
              Quarantine the items it finds.
              Skip the unsigned files.
              Have Rootkit.Boot.SST.b and others such as Sinowal, ZeroAccess or Whistler repaired (= Cure).

              If a reboot (restart) is requested, click Reboot Now.
              Otherwise click Report.
              Copy and paste the log file that appears.

              Note: You will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt



              • #8
                more were still on the way ...
                Emphyrio edit:
                I know
                You may carry out post #7....
                Last edited by Emphyrio; 18-10-13, 00:21.



                • #9
                  01:32:51.0655 0x1640 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
                  01:32:54.0489 0x1640 ============================================================
                  01:32:54.0489 0x1640 Current date / time: 2013/10/18 01:32:54.0489
                  01:32:54.0489 0x1640 SystemInfo:
                  01:32:54.0489 0x1640
                  01:32:54.0489 0x1640 OS Version: 6.1.7601 ServicePack: 1.0
                  01:32:54.0489 0x1640 Product type: Workstation
                  01:32:54.0489 0x1640 ComputerName: PETER-PC
                  01:32:54.0489 0x1640 UserName: Peter
                  01:32:54.0489 0x1640 Windows directory: C:\Windows
                  01:32:54.0489 0x1640 System windows directory: C:\Windows
                  01:32:54.0489 0x1640 Running under WOW64
                  01:32:54.0490 0x1640 Processor architecture: Intel x64
                  01:32:54.0490 0x1640 Number of processors: 8
                  01:32:54.0490 0x1640 Page size: 0x1000
                  01:32:54.0490 0x1640 Boot type: Normal boot
                  01:32:54.0490 0x1640 ============================================================
                  01:32:56.0039 0x1640 System UUID: {5B231F56-5E58-00C9-C3DD-CFB210A9D291}
                  01:32:56.0370 0x1640 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
                  01:32:56.0383 0x1640 ============================================================
                  01:32:56.0383 0x1640 \Device\Harddisk0\DR0:
                  01:32:56.0383 0x1640 MBR partitions:
                  01:32:56.0383 0x1640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2259642, BlocksNum 0x25B746DC
                  01:32:56.0383 0x1640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27DCDD1E, BlocksNum 0x25B746DC
                  01:32:56.0383 0x1640 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4D9423FA, BlocksNum 0x26DC35C7
                  01:32:56.0383 0x1640 ============================================================
                  01:32:56.0398 0x1640 C: <-> \Device\Harddisk0\DR0\Partition1
                  01:32:56.0413 0x1640 E: <-> \Device\Harddisk0\DR0\Partition3
                  01:32:56.0432 0x1640 L: <-> \Device\Harddisk0\DR0\Partition2
                  01:32:56.0432 0x1640 ============================================================
                  01:32:56.0433 0x1640 Initialize success
                  01:32:56.0433 0x1640 ============================================================
                  01:33:05.0058 0x0724 ============================================================
                  01:33:05.0058 0x0724 Scan started
                  01:33:05.0058 0x0724 Mode: Manual;
                  01:33:05.0058 0x0724 ============================================================
                  01:33:05.0058 0x0724 KSN ping started
                  01:33:08.0054 0x0724 KSN ping finished: true
                  01:33:08.0609 0x0724 ================ Scan system memory ========================
                  01:33:08.0609 0x0724 System memory - ok
                  01:33:08.0610 0x0724 ================ Scan services =============================
                  01:33:14.0072 0x0724 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
                  01:33:14.0072 0x0724 intelide - ok
                  01:33:14.0091 0x0724 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
                  01:33:14.0092 0x0724 intelppm - ok
                  01:33:14.0111 0x0724 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
                  01:33:14.0113 0x0724 IPBusEnum - ok
                  01:33:14.0141 0x0724 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
                  01:33:14.0144 0x0724 IpFilterDriver - ok
                  01:33:14.0196 0x0724 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
                  01:33:14.0206 0x0724 iphlpsvc - ok
                  01:33:14.0221 0x0724 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
                  01:33:14.0223 0x0724 IPMIDRV - ok
                  01:33:14.0241 0x0724 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
                  01:33:14.0244 0x0724 IPNAT - ok
                  01:33:14.0268 0x0724 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
                  01:33:14.0268 0x0724 IRENUM - ok
                  01:33:14.0300 0x0724 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
                  01:33:14.0300 0x0724 isapnp - ok
                  01:33:14.0324 0x0724 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
                  01:33:14.0336 0x0724 iScsiPrt - ok



                  • #10
                    01:33:20.0367 0x0724 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
                    01:33:20.0372 0x0724 QWAVE - ok
                    01:33:20.0386 0x0724 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
                    01:33:20.0387 0x0724 QWAVEdrv - ok
                    01:33:20.0398 0x0724 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
                    01:33:20.0399 0x0724 RasAcd - ok
                    01:33:20.0426 0x0724 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
                    01:33:20.0427 0x0724 RasAgileVpn - ok
                    01:33:20.0446 0x0724 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
                    01:33:20.0448 0x0724 RasAuto - ok
                    01:33:20.0461 0x0724 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
                    01:33:20.0464 0x0724 Rasl2tp - ok
                    01:33:20.0497 0x0724 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
                    01:33:20.0503 0x0724 RasMan - ok
                    01:33:20.0508 0x0724 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
                    01:33:20.0510 0x0724 RasPppoe - ok
                    01:33:20.0522 0x0724 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
                    01:33:20.0524 0x0724 RasSstp - ok
                    01:33:20.0560 0x0724 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
                    01:33:20.0573 0x0724 rdbss - ok
                    01:33:20.0587 0x0724 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
                    01:33:20.0588 0x0724 rdpbus - ok
                    01:33:20.0597 0x0724 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
                    01:33:20.0598 0x0724 RDPCDD - ok
                    01:33:20.0636 0x0724 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
                    01:33:20.0642 0x0724 RDPDR - ok
                    01:33:20.0662 0x0724 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
                    01:33:20.0662 0x0724 RDPENCDD - ok
                    01:33:20.0672 0x0724 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
                    01:33:20.0672 0x0724 RDPREFMP - ok

                    Comment


                    • #11
                      01:33:25.0083 0x0724 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
                      01:33:25.0084 0x0724 vga - ok
                      01:33:25.0087 0x0724 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
                      01:33:25.0088 0x0724 VgaSave - ok
                      01:33:25.0107 0x0724 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
                      01:33:25.0110 0x0724 vhdmp - ok
                      01:33:25.0140 0x0724 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
                      01:33:25.0140 0x0724 viaide - ok
                      01:33:25.0167 0x0724 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
                      01:33:25.0174 0x0724 vmbus - ok
                      01:33:25.0195 0x0724 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
                      01:33:25.0196 0x0724 VMBusHID - ok
                      01:33:25.0227 0x0724 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
                      01:33:25.0228 0x0724 volmgr - ok
                      01:33:25.0266 0x0724 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
                      01:33:25.0273 0x0724 volmgrx - ok
                      01:33:25.0291 0x0724 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
                      01:33:25.0295 0x0724 volsnap - ok
                      01:33:25.0318 0x0724 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
                      01:33:25.0320 0x0724 vsmraid - ok
                      01:33:25.0401 0x0724 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
                      01:33:25.0430 0x0724 VSS - ok
                      01:33:25.0442 0x0724 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
                      01:33:25.0443 0x0724 vwifibus - ok
                      01:33:25.0467 0x0724 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
                      01:33:25.0474 0x0724 W32Time - ok
                      01:33:25.0487 0x0724 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
                      01:33:25.0488 0x0724 WacomPen - ok
                      01:33:25.0506 0x0724 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
                      01:33:25.0508 0x0724 WANARP - ok
                      01:33:25.0517 0x0724 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
                      01:33:25.0518 0x0724 Wanarpv6 - ok
                      01:33:25.0605 0x0724 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
                      01:33:25.0628 0x0724 WatAdminSvc - ok
                      01:33:25.0688 0x0724 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
                      01:33:25.0711 0x0724 wbengine - ok
                      01:33:25.0728 0x0724 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
                      01:33:25.0732 0x0724 WbioSrvc - ok
                      01:33:25.0768 0x0724 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
                      01:33:25.0775 0x0724 wcncsvc - ok
                      01:33:25.0786 0x0724 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
                      01:33:25.0788 0x0724 WcsPlugInService - ok
                      01:33:25.0801 0x0724 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
                      01:33:25.0802 0x0724 Wd - ok
                      01:33:25.0839 0x0724 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
                      01:33:25.0852 0x0724 Wdf01000 - ok
                      01:33:25.0863 0x0724 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
                      01:33:25.0865 0x0724 WdiServiceHost - ok
                      01:33:25.0869 0x0724 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
                      01:33:25.0871 0x0724 WdiSystemHost - ok
                      01:33:25.0902 0x0724 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
                      01:33:25.0907 0x0724 WebClient - ok
                      01:33:25.0926 0x0724 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
                      01:33:25.0931 0x0724 Wecsvc - ok
                      01:33:25.0948 0x0724 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
                      01:33:25.0950 0x0724 wercplsupport - ok
                      01:33:25.0967 0x0724 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
                      01:33:25.0970 0x0724 WerSvc - ok
                      01:33:25.0990 0x0724 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
                      01:33:25.0991 0x0724 WfpLwf - ok
                      01:33:26.0002 0x0724 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
                      01:33:26.0003 0x0724 WIMMount - ok
                      01:33:26.0027 0x0724 WinDefend - ok
                      01:33:26.0030 0x0724 WinHttpAutoProxySvc - ok
                      01:33:26.0079 0x0724 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
                      01:33:26.0083 0x0724 Winmgmt - ok
                      01:33:26.0147 0x0724 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
                      01:33:26.0181 0x0724 WinRM - ok
                      01:33:26.0228 0x0724 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
                      01:33:26.0229 0x0724 WinUsb - ok
                      01:33:26.0265 0x0724 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
                      01:33:26.0280 0x0724 Wlansvc - ok
                      01:33:26.0405 0x0724 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      01:33:26.0442 0x0724 wlidsvc - ok
                      01:33:26.0466 0x0724 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
                      01:33:26.0467 0x0724 WmiAcpi - ok
                      01:33:26.0482 0x0724 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
                      01:33:26.0485 0x0724 wmiApSrv - ok
                      01:33:26.0496 0x0724 WMPNetworkSvc - ok
                      01:33:26.0509 0x0724 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
                      01:33:26.0510 0x0724 WPCSvc - ok
                      01:33:26.0527 0x0724 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
                      01:33:26.0534 0x0724 WPDBusEnum - ok
                      01:33:26.0549 0x0724 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
                      01:33:26.0551 0x0724 ws2ifsl - ok
                      01:33:26.0559 0x0724 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
                      01:33:26.0562 0x0724 wscsvc - ok
                      01:33:26.0564 0x0724 WSearch - ok
                      01:33:26.0645 0x0724 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
                      01:33:26.0682 0x0724 wuauserv - ok
                      01:33:26.0711 0x0724 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
                      01:33:26.0712 0x0724 WudfPf - ok
                      01:33:26.0740 0x0724 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
                      01:33:26.0749 0x0724 WUDFRd - ok
                      01:33:26.0783 0x0724 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
                      01:33:26.0786 0x0724 wudfsvc - ok
                      01:33:26.0817 0x0724 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
                      01:33:26.0822 0x0724 WwanSvc - ok
                      01:33:26.0826 0x0724 ================ Scan global ===============================
                      01:33:26.0846 0x0724 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
                      01:33:26.0879 0x0724 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
                      01:33:26.0888 0x0724 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
                      01:33:26.0917 0x0724 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
                      01:33:26.0965 0x0724 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
                      01:33:26.0975 0x0724 [ Global ] - ok
                      01:33:26.0975 0x0724 ================ Scan MBR ==================================
                      01:33:26.0997 0x0724 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
                      01:33:27.0150 0x0724 \Device\Harddisk0\DR0 - ok
                      01:33:27.0150 0x0724 ================ Scan VBR ==================================
                      01:33:27.0160 0x0724 [ 513F8B1EF8050C596380EF72550FFFC9 ] \Device\Harddisk0\DR0\Partition1
                      01:33:27.0162 0x0724 \Device\Harddisk0\DR0\Partition1 - ok
                      01:33:27.0177 0x0724 [ FE6F8BF46E5AA68DA35BFB15B9780613 ] \Device\Harddisk0\DR0\Partition2
                      01:33:27.0178 0x0724 \Device\Harddisk0\DR0\Partition2 - ok
                      01:33:27.0197 0x0724 [ 07DD4C13C3855A2AC7E61EBDD6EB2563 ] \Device\Harddisk0\DR0\Partition3
                      01:33:27.0198 0x0724 \Device\Harddisk0\DR0\Partition3 - ok
                      01:33:27.0199 0x0724 Waiting for KSN requests completion. In queue: 356
                      01:33:28.0199 0x0724 Waiting for KSN requests completion. In queue: 48
                      01:33:29.0200 0x0724 Waiting for KSN requests completion. In queue: 48
                      01:33:30.0204 0x0724 AV detected via SS2: Sophos Anti-Virus, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe ( 9.5.0.0 ), 0x51000 ( enabled : updated )
                      01:33:30.0207 0x0724 Win FW state via NFP2: enabled
                      01:33:32.0595 0x0724 ============================================================
                      01:33:32.0595 0x0724 Scan finished
                      01:33:32.0595 0x0724 ============================================================
                      01:33:32.0608 0x05bc Detected object count: 0
                      01:33:32.0608 0x05bc Actual detected object count: 0
                      01:33:57.0145 0x1a70 Deinitialize success



                      • #12
                        Well done

                        Download Combofix to your desktop.

                        Extra note... Make sure your security software is disabled while you use Combofix.
                        This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.


                        Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.


                        Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                        So do not open any other applications until Combofix has presented the log.

                        If Combofix asks for an update, allow it.

                        When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                        You can find it at C:\combofix.txt.

                        Post the Combofix log together with a new DDS log in your next reply.

                        * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                        • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                        • Illegal operation attempted on a registry key that has been marked for deletion.
                        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                        E Dev * Remove McAfee * CCleaner * E-Peek



                        • #13
                          ComboFix 13-10-16.02 - Peter 18-10-2013 1:55.2.8 - x64
                          Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.3892 [GMT 2:00]
                          Gestart vanuit: c:\users\Peter\Desktop\ComboFix.exe
                          AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
                          SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
                          SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                          .
                          .
                          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          C:\install.exe
                          c:\programdata\506
                          c:\programdata\506\112902650.dat
                          c:\programdata\506\112902650.dll
                          c:\programdata\506\ccdxmmde.dat
                          c:\programdata\506\drss.dat
                          c:\programdata\506\msseedir.dll
                          c:\programdata\506\nujqj.dat
                          c:\programdata\506\sysprep.exe
                          c:\programdata\82402111-85d1-4981-be99-64a0481354b3
                          c:\programdata\82402111-85d1-4981-be99-64a0481354b3\b8f093a1-1450-40ac-89dc-47136c606a10
                          c:\programdata\82402111-85d1-4981-be99-64a0481354b3\bb58f141-2763-4284-91bb-3b42b7485d9a
                          c:\programdata\9fb55533-bf30-44f7-b57c-ba32f8fea678
                          c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\extensions\crossriderapp349 [email protected]
                          c:\users\Peter\AppData\Roaming\vso_ts_preview.xml
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\AdobeARM.log
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\alm.log
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\amt.log
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\config.xml
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\en-us\strings.en-us.xml
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\jusched.log
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\manifest.xml
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\nl-nl\strings.nl-nl.xml
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\Peter.bmp
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\resource.h
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\swtag.log
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\wmplog00.sqm
                          c:\windows\System32\config\systemprofile\AppData\Local\Temp\wmplog01.sqm
                          c:\windows\SysWow64\System32\MASetupCleaner.exe
                          c:\windows\SysWow64\System32\muzapp.exe
                          .
                          .
                          (((((((((((((((((((( Bestanden Gemaakt van 2013-09-18 to 2013-10-18 ))))))))))))))))))))))))))))))
                          .
                          .
                          2013-10-18 00:09 . 2013-10-18 00:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
                          2013-10-18 00:09 . 2013-10-18 00:09 -------- d-----w- c:\users\Default\AppData\Local\temp
                          2013-10-18 00:01 . 2013-10-18 00:01 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6BE1F204-B3E3-424D-B5C2-6613AAA7B661}\offreg.dll
                          2013-10-17 22:23 . 2013-10-17 22:27 -------- d-----w- C:\AdwCleaner
                          2013-10-17 15:37 . 2013-10-17 15:37 -------- d-----w- c:\program files\CCleaner
                          2013-10-16 01:05 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6BE1F204-B3E3-424D-B5C2-6613AAA7B661}\mpengine.dll
                          2013-10-11 17:51 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
                          2013-10-11 17:51 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
                          2013-10-11 17:51 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
                          2013-10-11 17:51 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
                          2013-10-11 17:51 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
                          2013-10-11 17:51 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
                          2013-10-11 17:51 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
                          2013-10-10 22:32 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
                          2013-10-10 18:35 . 2013-09-14 01:10 497152 ----a-w- c:\windows\system32\drivers\afd.sys
                          2013-10-08 23:20 . 2013-10-17 23:39 -------- d-----w- c:\programdata\1dc666d8-9d14-4918-bf11-f9822a2eeb60
                          .
                          .
                          .
                          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          2013-10-10 22:42 . 2010-10-22 09:21 80541720 ----a-w- c:\windows\system32\MRT.exe
                          2013-10-08 18:16 . 2012-04-02 22:35 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                          2013-10-08 18:16 . 2011-05-18 22:14 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                          2013-09-17 20:22 . 2011-01-04 16:49 15901448 ----a-w- c:\windows\system32\nvwgf2umx.dll
                          2013-09-17 20:22 . 2011-01-04 16:49 13628208 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 1222824 ----a-w- c:\windows\SysWow64\nvumdshim.dll
                          2013-09-17 20:22 . 2012-02-09 20:43 1412832 ----a-w- c:\windows\system32\nvumdshimx.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 7648000 ----a-w- c:\windows\system32\nvopencl.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 6329552 ----a-w- c:\windows\SysWow64\nvopencl.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 29337376 ----a-w- c:\windows\system32\nvoglv64.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 22102304 ----a-w- c:\windows\SysWow64\nvoglv32.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 11274528 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
                          2013-09-17 20:22 . 2013-09-17 20:22 603424 ----a-w- c:\windows\system32\NvIFR64.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 515360 ----a-w- c:\windows\SysWow64\NvIFR.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 168616 ----a-w- c:\windows\system32\nvinitx.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 681760 ----a-w- c:\windows\system32\NvFBC64.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 586016 ----a-w- c:\windows\SysWow64\NvFBC.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 31520 ----a-w- c:\windows\system32\nvhdap64.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
                          2013-09-17 20:22 . 2013-09-17 20:22 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 1510176 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
                          2013-09-17 20:22 . 2011-01-04 16:49 15703688 ----a-w- c:\windows\system32\nvd3dumx.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 2970400 ----a-w- c:\windows\system32\nvcuvid.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 2789152 ----a-w- c:\windows\SysWow64\nvcuvid.dll
                          2013-09-17 20:22 . 2011-01-04 16:49 12947360 ----a-w- c:\windows\SysWow64\nvd3dum.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 9281032 ----a-w- c:\windows\system32\nvcuda.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 7720576 ----a-w- c:\windows\SysWow64\nvcuda.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 2367264 ----a-w- c:\windows\system32\nvcuvenc.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 2007328 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 2630304 ----a-w- c:\windows\SysWow64\nvapi.dll
                          2013-09-17 20:22 . 2013-09-17 20:22 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
                          2013-09-17 20:22 . 2011-01-04 16:49 2986672 ----a-w- c:\windows\system32\nvapi64.dll
                          2013-09-12 07:25 . 2010-07-09 15:27 6599968 ----a-w- c:\windows\system32\nvcpl.dll
                          2013-09-12 07:25 . 2010-07-09 15:27 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
                          2013-09-12 07:25 . 2011-07-02 10:23 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
                          2013-09-12 07:25 . 2010-07-09 15:27 920864 ----a-w- c:\windows\system32\nvvsvc.exe
                          2013-09-12 07:25 . 2010-07-09 15:27 63776 ----a-w- c:\windows\system32\nvshext.dll
                          2013-09-12 07:25 . 2010-07-09 15:27 219424 ----a-w- c:\windows\system32\nvmctray.dll
                          2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\SysWow64\nvStreaming.exe
                          2013-09-11 22:06 . 2012-10-10 21:16 3361114 ----a-w- c:\windows\system32\nvcoproc.bin
                          2013-08-29 01:48 . 2013-10-10 22:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
                          2013-08-07 02:22 . 2010-10-22 09:30 278800 ------w- c:\windows\system32\MpSigStub.exe
                          2013-08-05 02:25 . 2013-09-11 20:34 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
                          2013-08-02 02:14 . 2013-09-11 20:34 215040 ----a-w- c:\windows\system32\winsrv.dll
                          2013-08-02 02:13 . 2013-09-11 20:34 424448 ----a-w- c:\windows\system32\KernelBase.dll
                          2013-08-02 02:13 . 2013-09-11 20:34 1161216 ----a-w- c:\windows\system32\kernel32.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 43520 ----a-w- c:\windows\system32\csrsrv.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 6656 ----a-w- c:\windows\system32\apisetschema.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
                          2013-08-02 02:12 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
                          2013-08-02 01:50 . 2013-09-11 20:34 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
                          2013-08-02 01:48 . 2013-09-11 20:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
                          .
                          .
                          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                          REGEDIT4
                          .
                          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "Wisdom-soft ScreenHunter 6.0 Free"="0" [X]
                          "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
                          "Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
                          "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-01-10 310128]
                          "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-01-10 844144]
                          "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-01-10 1475952]
                          "KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-12-18 578560]
                          "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-03-27 1098072]
                          "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-02 20472992]
                          "Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192]
                          "uTorrent"="c:\users\Peter\AppData\Roaming\uTorrent\uTorrent.exe" [2013-10-16 902736]
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                          "Kerio VPN Client"="c:\program files (x86)\Kerio\VPN Client\kvpncgui.exe" [2010-03-02 4986728]
                          "Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2010-09-21 439536]
                          "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
                          "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
                          "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
                          "SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
                          "OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
                          "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
                          "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2013-05-08 44128]
                          "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2013-05-08 642664]
                          "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
                          "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
                          "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
                          "Launcher"="c:\program files (x86)\SMINST\Launcher.exe" [2010-04-02 237568]
                          .
                          c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                          EZ VHS Converter Monitor.lnk - c:\program files (x86)\ION\EZ Video Converter\MediaTVMonitor.exe [2012-2-22 737280]
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                          "ConsentPromptBehaviorAdmin"= 0 (0x0)
                          "ConsentPromptBehaviorUser"= 3 (0x3)
                          "EnableLUA"= 0 (0x0)
                          "EnableUIADesktopToggle"= 0 (0x0)
                          "PromptOnSecureDesktop"= 0 (0x0)
                          "EnableLinkedConnections"= 1 (0x1)
                          .
                          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                          "LoadAppInit_DLLs"=1 (0x1)
                          "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
                          "DisableMonitoring"=dword:00000001
                          .
                          R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                          R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                          R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [x]
                          R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
                          R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
                          R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
                          R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
                          R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
                          R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
                          R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                          R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                          R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys;c:\windows\SYSNATIVE\DRIVERS\SophosBootDriver.sys [x]
                          S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
                          S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys;c:\windows\SYSNATIVE\DRIVERS\savonaccess.sys [x]
                          S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
                          S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
                          S2 KVPNCSvc;Kerio VPN Client Service;c:\program files (x86)\Kerio\VPN Client\kvpncsvc.exe;c:\program files (x86)\Kerio\VPN Client\kvpncsvc.exe [x]
                          S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
                          S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
                          S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe;c:\windows\SYSNATIVE\PrintCtrl.exe [x]
                          S2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [x]
                          S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [x]
                          S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
                          S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
                          S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
                          S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [x]
                          S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys;c:\windows\SYSNATIVE\DRIVERS\aabed2.sys [x]
                          S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys;c:\windows\SYSNATIVE\DRIVERS\kvnet.sys [x]
                          S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
                          S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
                          S3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
                          S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                          S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
                          S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
                          S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
                          S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
                          S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
                          .
                          .
                          --- Andere Services/Drivers In Geheugen ---
                          .
                          *NewlyCreated* - 06243688
                          *NewlyCreated* - 59842762
                          *NewlyCreated* - 87555595
                          *Deregistered* - 06243688
                          *Deregistered* - 59842762
                          *Deregistered* - 87555595
                          .
                          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                          2013-10-04 20:45 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
                          .
                          Inhoud van de 'Gedeelde Taken' map
                          .
                          2013-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job
                          - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:16]
                          .
                          2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                          - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-31 21:28]
                          .
                          2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                          - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-31 21:28]
                          .
                          .
                          --------- X64 Entries -----------
                          .
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]
                          "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
                          "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1840720]
                          "PrintDisp"="c:\windows\system32\PrintDisp.exe" [2010-01-21 883200]
                          "Greenshot"="c:\program files\Greenshot\Greenshot.exe" [2013-05-20 499712]
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
                          "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll
                          .
                          ------- Bijkomende Scan -------
                          .
                          uLocal Page = c:\windows\system32\blank.htm
                          uStart Page = hxxp://www.startpagina.nl/
                          mStart Page = hxxp://www.google.com
                          mLocal Page = c:\windows\SysWOW64\blank.htm
                          mSearch Page = hxxp://www.google.com
                          IE: Converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
                          IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
                          IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
                          IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
                          IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
                          LSP: c:\programdata\Sophos Web Intelligence\swi_lsp.dll
                          TCP: DhcpNameServer = 192.168.1.1 212.61.15.8 212.61.25.226
                          DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
                          DPF: {0DBF2423-33D3-4084-B83E-6A3661F2CD46} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/6.5.6/ImageUploader6.cab
                          DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
                          DPF: {B7915D9F-6057-4153-BE1B-8E234BD66980} - hxxp://www.mijnalbum.nl/v3/skinsrc/core/system/ma7.0.23/ImageUploader7.cab
                          FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\
                          FF - ExtSQL: 2013-08-22 23:29; [email protected]; c:\program files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
                          FF - ExtSQL: 2013-08-25 23:43; [email protected]; c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hygx3ami.default\extensions\[email protected] c.com
                          .
                          .
                          ------- Bestandsassociaties -------
                          .
                          JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
                          .
                          - - - - ORPHANS VERWIJDERD - - - -
                          .
                          Toolbar-Locked - (no file)
                          Toolbar-10 - (no file)
                          Wow6432Node-HKCU-Run-AdobeBridge - (no file)
                          Wow6432Node-HKLM-Run-<NO NAME> - (no file)
                          Toolbar-Locked - (no file)
                          Toolbar-10 - (no file)
                          AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
                          .
                          .
                          .
                          --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                          @Denied: (A 2) (Everyone)
                          @="FlashBroker"
                          "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe ,-101"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                          "Enabled"=dword:00000001
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                          @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                          @Denied: (A 2) (Everyone)
                          @="IFlashBroker5"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                          @="{00020424-0000-0000-C000-000000000046}"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                          "Version"="1.0"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                          @Denied: (A 2) (Everyone)
                          @="FlashBroker"
                          "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe ,-101"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                          "Enabled"=dword:00000001
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                          @Denied: (A 2) (Everyone)
                          @="Shockwave Flash Object"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
                          "ThreadingModel"="Apartment"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                          @="0"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                          @="ShockwaveFlash.ShockwaveFlash.11"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                          @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                          @="1.0"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                          @="ShockwaveFlash.ShockwaveFlash"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                          @Denied: (A 2) (Everyone)
                          @="Macromedia Flash Factory Object"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
                          "ThreadingModel"="Apartment"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                          @="FlashFactory.FlashFactory.1"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                          @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                          @="1.0"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                          @="FlashFactory.FlashFactory"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                          @Denied: (A 2) (Everyone)
                          @="IFlashBroker5"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                          @="{00020424-0000-0000-C000-000000000046}"
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                          "Version"="1.0"
                          .
                          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                          @Denied: (Full) (Everyone)
                          .
                          Voltooingstijd: 2013-10-18 02:13:57
                          ComboFix-quarantined-files.txt 2013-10-18 00:13
                          .
                          Pre-Run: 75.625.668.608 bytes beschikbaar
                          Post-Run: 75.470.843.904 bytes beschikbaar
                          .
                          - - End Of File - - 5BD1C94531F3653BA79A213CBA452A33
                          A36C5E4F47E84449FF07ED3517B43A31



                          • #14
                            May I have a fresh DDS log, please?
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * Remove McAfee. * Ccleaner * E-Peek



                            • #15
                              Oops... forgot... I was nodding off a bit...

                              I'll sort that out tonight...
