  • Help! Strange links and pop-ups everywhere in Firefox!

    Hello,

    I'm Lisanne, pretty much a layperson when it comes to computers, but I still ended up on this site by word of mouth. I have a problem and I can't get it fixed myself. When I open Firefox and go to any random site, hyperlinks suddenly appear on various words, and they point to all sorts of strange sites (where you can win free iPhones, etc.). I found this thread on this site: http://www.nucia.eu/forum/threads/62...ght=rare+links and tried that too... But it was to no avail. This is what I see (those green circles with arrows, and so also pop-ups): [image: prtscreen.jpg]

    I did what was instructed and made all kinds of logs, which I will post after this... I hope you can help me! Thanks in advance :-)

    Lisanne

  • #2
    1. Malware bytes
    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.11.01.03

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16721
    PC :: [administrator]

    1-11-2013 13:47:25
    mbam-log-2013-11-01 (13-47-25).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 220932
    Verstreken tijd: 3 minuut/minuten, 7 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)



    • #3
      2. DDS

      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 10.0.9200.16720
      Run by PC at 13:52:28 on 2013-11-01
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1043.18.4008.1952 [GMT 1:00]
      .
      AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
      FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
      .
      ============== Running Processes ===============
      .
      C:\windows\system32\lsm.exe
      C:\windows\system32\svchost.exe -k DcomLaunch
      C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
      C:\windows\system32\svchost.exe -k RPCSS
      C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\windows\system32\svchost.exe -k LocalService
      C:\windows\system32\svchost.exe -k netsvcs
      C:\windows\system32\svchost.exe -k NetworkService
      C:\windows\System32\spoolsv.exe
      C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\windows\system32\taskhost.exe
      C:\windows\system32\Dwm.exe
      C:\windows\Explorer.EXE
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
      C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
      c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
      C:\windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
      C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
      C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
      C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
      C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\windows\servicing\TrustedInstaller.exe
      C:\windows\System32\WUDFHost.exe
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Program Files\Microsoft IntelliPoint\ipoint.exe
      C:\Windows\WindowsMobile\wmdc.exe
      C:\Windows\System32\M-AudioTaskBarIcon.exe
      C:\windows\system32\svchost.exe -k WindowsMobile
      C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
      C:\Program Files (x86)\Samsung\Kies\Kies.exe
      C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
      C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
      C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\windows\system32\SearchIndexer.exe
      C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\windows\system32\wbem\wmiprvse.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
      C:\windows\system32\wbem\unsecapp.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
      C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
      C:\windows\system32\SearchProtocolHost.exe
      C:\windows\system32\SearchFilterHost.exe
      C:\windows\system32\wbem\wmiprvse.exe
      C:\windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.com
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
      BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
      TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
      uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      uRun: [Akamai NetSession Interface] "C:\Users\PC\AppData\Local\Akamai\netsession_win.exe"
      uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
      mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
      mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TWONKY~1.LNK - C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      uPolicies-Explorer: NoDrives = dword:0
      mPolicies-Explorer: NoDrives = dword:0
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
      IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      TCP: NameServer = 192.168.192.1
      TCP: Interfaces\{166B89ED-90EE-4956-98F1-878CE12EE306} : DHCPNameServer = 192.168.192.1
      Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      SSODL: WebCheck - <orphaned>
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
      x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
      x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
      x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
      x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
      x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
      x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      x64-Run: [Windows Mobile Device Center] C:\windows\WindowsMobile\wmdc.exe
      x64-Run: [M-Audio Taskbar Icon] C:\windows\System32\M-AudioTaskBarIcon.exe
      x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
      x64-Notify: igfxcui - igfxdev.dll
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\
      FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/
      FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
      FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
      FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
      FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
      FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
      .
      ---- FIREFOX POLICIES ----
      FF - user.js: extensions.delta.tlbrSrchUrl -
      FF - user.js: extensions.delta.id - 5875b8920000000000008c89a585c9d9
      FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
      FF - user.js: extensions.delta.instlDay - 15940
      FF - user.js: extensions.delta.vrsn - 1.8.24.6
      FF - user.js: extensions.delta.vrsni - 1.8.24.6
      FF - user.js: extensions.delta.vrsnTs - 1.8.24.611:57:19
      FF - user.js: extensions.delta.prtnrId - delta
      FF - user.js: extensions.delta.prdct - delta
      FF - user.js: extensions.delta.aflt - babsst
      FF - user.js: extensions.delta.smplGrp - none
      FF - user.js: extensions.delta.tlbrId - base
      FF - user.js: extensions.delta.instlRef - sst
      FF - user.js: extensions.delta.dfltLng - nl
      FF - user.js: extensions.delta.excTlbr - false
      FF - user.js: extensions.delta.ffxUnstlRst - true
      FF - user.js: extensions.delta.admin - false
      FF - user.js: extensions.delta_i.babTrack - affID=119842&tsp=4983
      FF - user.js: extensions.delta_i.babExt -
      FF - user.js: extensions.delta_i.srcExt - ss
      FF - user.js: extensions.delta.autoRvrt - false
      FF - user.js: extensions.delta.rvrt - false
      FF - user.js: extensions.delta.newTab - false
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 avc3;avc3;C:\windows\System32\drivers\avc3.sys [2013-11-1 727592]
      R0 gzflt;gzflt;C:\windows\System32\drivers\gzflt.sys [2013-11-1 150256]
      R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-11-1 93600]
      R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-11-1 103504]
      R1 BDVEDISK;BDVEDISK;C:\windows\System32\drivers\bdvedisk.sys [2013-11-1 76944]
      R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-11-1 95184]
      R2 TwonkyProxy;TwonkyProxy;C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe -start --> C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe -start [?]
      R2 TwonkyServer;TwonkyServer;C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe -serviceversion 0 --> C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe -serviceversion 0 [?]
      R2 TwonkyWebDav;TwonkyWebDav;C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -start --> C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -start [?]
      R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-11-1 67320]
      R3 avchv;avchv Function Driver;C:\windows\System32\drivers\avchv.sys [2013-9-20 261056]
      R3 avckf;avckf;C:\windows\System32\drivers\avckf.sys [2013-11-1 601360]
      R3 MBfilt;MBfilt;C:\windows\System32\drivers\MBfilt64.sys [2012-5-3 32344]
      R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-5-3 539240]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
      S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-15 183560]
      S3 BDSandBox;BDSandBox;C:\windows\System32\drivers\bdsandbox.sys [2013-11-1 82824]
      S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2011-3-7 48488]
      S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
      S3 MAUSBFASTTRACK;Service for M-Audio FastTrack;C:\windows\System32\drivers\MAudioFastTrack.sys [2010-12-7 187912]
      S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2013-8-5 169288]
      S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2013-8-5 21320]
      S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2013-8-5 188232]
      S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
      S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
      S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-6-18 1255736]
      S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-11-1 69392]
      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
      .
      =============== Created Last 30 ================
      .
      2013-11-01 12:46:52 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
      2013-11-01 12:46:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-11-01 12:28:54 -------- d-sh--w- C:\$RECYCLE.BIN
      2013-11-01 12:22:05 98816 ----a-w- C:\windows\sed.exe
      2013-11-01 12:22:05 256000 ----a-w- C:\windows\PEV.exe
      2013-11-01 12:22:05 208896 ----a-w- C:\windows\MBR.exe
      2013-11-01 10:54:33 -------- d-----w- C:\Users\PC\AppData\Roaming\liQeNSoft
      2013-11-01 10:54:33 -------- d-----w- C:\Users\PC\AppData\Local\liQeNSoft
      2013-11-01 10:39:31 -------- d-----w- C:\ProgramData\bdch
      2013-11-01 10:32:54 76944 ----a-w- C:\windows\System32\drivers\bdvedisk.sys
      2013-11-01 10:32:49 93600 ----a-w- C:\windows\System32\drivers\BdfNdisf6.sys
      2013-11-01 10:32:49 82824 ----a-w- C:\windows\System32\drivers\bdsandbox.sys
      2013-11-01 10:32:47 727592 ----a-w- C:\windows\System32\drivers\avc3.sys
      2013-11-01 10:32:47 601360 ----a-w- C:\windows\System32\drivers\avckf.sys
      2013-11-01 10:32:31 -------- d-----w- C:\Users\PC\AppData\Roaming\Bitdefender
      2013-11-01 10:32:29 -------- d-----w- C:\ProgramData\Bitdefender
      2013-11-01 10:32:28 3271472 ---ha-w- C:\bdr-bz01
      2013-11-01 10:30:11 150256 ----a-w- C:\windows\System32\drivers\gzflt.sys
      2013-11-01 10:30:10 389240 ----a-w- C:\windows\System32\drivers\trufos.sys
      2013-10-09 16:05:00 2706432 ----a-w- C:\windows\System32\mshtml.tlb
      2013-10-09 15:49:04 633856 ----a-w- C:\windows\System32\comctl32.dll
      2013-10-09 15:48:59 81920 ----a-w- C:\windows\SysWow64\davclnt.dll
      2013-10-02 15:21:09 21527448 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
      .
      ==================== Find3M ====================
      .
      2013-10-10 08:58:13 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-10-10 08:58:13 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
      2013-09-22 23:28:06 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
      2013-09-22 23:27:49 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
      2013-09-22 23:27:48 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
      2013-09-22 23:27:48 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
      2013-09-22 22:55:10 2241024 ----a-w- C:\windows\System32\wininet.dll
      2013-09-22 22:54:51 3959296 ----a-w- C:\windows\System32\jscript9.dll
      2013-09-22 22:54:50 67072 ----a-w- C:\windows\System32\iesetup.dll
      2013-09-22 22:54:50 136704 ----a-w- C:\windows\System32\iesysprep.dll
      2013-09-21 03:30:24 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
      2013-09-21 02:48:36 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
      2013-09-21 02:39:47 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
      2013-09-20 07:49:06 466666 ----a-w- C:\ProgramData\1379663076.bdinstall.bin
      2013-09-14 01:10:19 497152 ----a-w- C:\windows\System32\drivers\afd.sys
      2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
      2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll
      2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
      2013-09-04 12:12:11 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys
      2013-09-04 12:11:51 325120 ----a-w- C:\windows\System32\drivers\usbport.sys
      2013-09-04 12:11:49 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys
      2013-09-04 12:11:43 52736 ----a-w- C:\windows\System32\drivers\usbehci.sys
      2013-09-04 12:11:43 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys
      2013-09-04 12:11:42 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys
      2013-09-04 12:11:40 7808 ----a-w- C:\windows\System32\drivers\usbd.sys
      2013-08-29 02:17:48 5549504 ----a-w- C:\windows\System32\ntoskrnl.exe
      2013-08-29 02:16:35 1732032 ----a-w- C:\windows\System32\ntdll.dll
      2013-08-29 02:16:28 243712 ----a-w- C:\windows\System32\wow64.dll
      2013-08-29 02:16:14 859648 ----a-w- C:\windows\System32\tdh.dll
      2013-08-29 02:13:28 878080 ----a-w- C:\windows\System32\advapi32.dll
      2013-08-29 01:51:45 3969472 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
      2013-08-29 01:51:45 3914176 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
      2013-08-29 01:50:31 5120 ----a-w- C:\windows\SysWow64\wow32.dll
      2013-08-29 01:50:30 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
      2013-08-29 01:50:16 619520 ----a-w- C:\windows\SysWow64\tdh.dll
      2013-08-29 01:48:17 640512 ----a-w- C:\windows\SysWow64\advapi32.dll
      2013-08-29 01:48:15 44032 ----a-w- C:\windows\apppatch\acwow64.dll
      2013-08-29 00:49:53 25600 ----a-w- C:\windows\SysWow64\setup16.exe
      2013-08-29 00:49:52 7680 ----a-w- C:\windows\SysWow64\instnm.exe
      2013-08-29 00:49:52 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
      2013-08-29 00:49:49 2048 ----a-w- C:\windows\SysWow64\user.exe
      2013-08-28 01:21:06 3155968 ----a-w- C:\windows\System32\win32k.sys
      2013-08-28 01:12:33 461312 ----a-w- C:\windows\System32\scavengeui.dll
      2013-08-05 02:25:45 155584 ----a-w- C:\windows\System32\drivers\ataport.sys
      .
      ============= FINISH: 13:53:17,37 ===============



      • #4
        The Gmer log file is too large, so as an attachment after all... gmer2.txt



        • #5
          Hello Lisanne,

          Run a scan with ADWcleaner.
          You can find instructions here: http://users.telenet.be/marcvn/spyware/adwcleaner.html
          Post the log you get and also give an update on the problems.



          • #6
            Hi Marckie,

            Thanks for your quick response. Here is the ADWcleaner log:

            # AdwCleaner v3.010 - Report created 01/11/2013 at 22:13:51
            # Updated 20/10/2013 by Xplode
            # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
            # Username : PC - KRAAKMAN
            # Running from : C:\Users\PC\Desktop\adwcleaner.exe
            # Option : Scan

            ***** [ Services ] *****


            ***** [ Files / Folders ] *****

            File Found : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\invalidprefs.js
            File Found : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\user.js
            Folder Found C:\Program Files (x86)\OApps
            Folder Found C:\ProgramData\Babylon

            ***** [ Shortcuts ] *****


            ***** [ Registry ] *****

            Key Found : HKCU\Software\Delta
            Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
            Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
            Key Found : HKCU\Software\Softonic
            Key Found : [x64] HKCU\Software\Delta
            Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
            Key Found : [x64] HKCU\Software\Softonic
            Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
            Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
            Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
            Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
            Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
            Key Found : HKLM\SOFTWARE\Classes\Prod.cap
            Key Found : HKLM\Software\Delta
            Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
            Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
            Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

            ***** [ Browsers ] *****

            -\\ Internet Explorer v10.0.9200.16720


            -\\ Mozilla Firefox v24.0 (nl)

            [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]

            Line Found : user_pref("extensions.delta.admin", false);
            Line Found : user_pref("extensions.delta.aflt", "babsst");
            Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
            Line Found : user_pref("extensions.delta.autoRvrt", "false");
            Line Found : user_pref("extensions.delta.bbDpng", "23");
            Line Found : user_pref("extensions.delta.cntry", "NL");
            Line Found : user_pref("extensions.delta.dfltLng", "nl");
            Line Found : user_pref("extensions.delta.excTlbr", false);
            Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
            Line Found : user_pref("extensions.delta.hdrMd5", "6569EF4CB4BD32C0CF315A3085BC3220");
            Line Found : user_pref("extensions.delta.id", "5875b8920000000000008c89a585c9d9");
            Line Found : user_pref("extensions.delta.instlDay", "15940");
            Line Found : user_pref("extensions.delta.instlRef", "sst");
            Line Found : user_pref("extensions.delta.lastVrsnTs", "1.8.24.611:57:19");
            Line Found : user_pref("extensions.delta.newTab", false);
            Line Found : user_pref("extensions.delta.prdct", "delta");
            Line Found : user_pref("extensions.delta.prtnrId", "delta");
            Line Found : user_pref("extensions.delta.rvrt", "false");
            Line Found : user_pref("extensions.delta.sg", "azb");
            Line Found : user_pref("extensions.delta.smplGrp", "none");
            Line Found : user_pref("extensions.delta.tlbrId", "base");
            Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
            Line Found : user_pref("extensions.delta.vrsn", "1.8.24.6");
            Line Found : user_pref("extensions.delta.vrsnTs", "1.8.24.611:57:19");
            Line Found : user_pref("extensions.delta.vrsni", "1.8.24.6");
            Line Found : user_pref("extensions.delta_i.babExt", "");
            Line Found : user_pref("extensions.delta_i.babTrack", "affID=119842&tsp=4983");
            Line Found : user_pref("extensions.delta_i.srcExt", "ss");

            *************************

            AdwCleaner[R0].txt - [4207 octets] - [01/11/2013 22:13:51]

            ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4267 octets] ##########



            • #7
              Fine. Now click the "Clean" button and have everything that was found removed.
              Report whether there are still problems.



              • #8
                Hi Marckie,

                Unfortunately... Nothing has changed.. Still links and pop-ups everywhere!



                • #9
                  Post the log that ADWCleaner created.



                  • #10
                    This is the log of the quarantine:

                    C:\Program Files (x86)\OApps\chrome-sl.crx->C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\chrome-sl.crx.vir
                    C:\Program Files (x86)\OApps\dler.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\dler.exe.vir
                    C:\Program Files (x86)\OApps\SelectionLinks.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\SelectionLinks.exe.vir
                    C:\Program Files (x86)\OApps\sl-dlc_uninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\sl-dlc_uninstall.exe.vir
                    C:\Program Files (x86)\OApps\status2.txt->C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\status2.txt.vir
                    C:\Program Files (x86)\OApps\status3.txt->C:\AdwCleaner\Quarantine\C\Program Files (x86)\OApps\status3.txt.vir
                    C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\invalidprefs.js->C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\invalidprefs.js.vir
                    C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\user.js->C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\user.js.vir


                    And this is the log [S01] (the previous post was log [R01]):
                    # AdwCleaner v3.010 - Report created 01/11/2013 at 22:15:53
                    # Updated 20/10/2013 by Xplode
                    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
                    # Username : PC - KRAAKMAN
                    # Running from : C:\Users\PC\Desktop\adwcleaner.exe
                    # Option : Clean

                    ***** [ Services ] *****


                    ***** [ Files / Folders ] *****

                    Folder Deleted : C:\ProgramData\Babylon
                    Folder Deleted : C:\Program Files (x86)\OApps
                    File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\invalidprefs.js
                    File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\user.js

                    ***** [ Shortcuts ] *****


                    ***** [ Registry ] *****

                    Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
                    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
                    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
                    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
                    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
                    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
                    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
                    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
                    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
                    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
                    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
                    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
                    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
                    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
                    Key Deleted : HKCU\Software\Delta
                    Key Deleted : HKCU\Software\Softonic
                    Key Deleted : HKLM\Software\Delta

                    ***** [ Browsers ] *****

                    -\\ Internet Explorer v10.0.9200.16720


                    -\\ Mozilla Firefox v24.0 (nl)

                    [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]

                    Line Deleted : user_pref("extensions.delta.admin", false);
                    Line Deleted : user_pref("extensions.delta.aflt", "babsst");
                    Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
                    Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
                    Line Deleted : user_pref("extensions.delta.bbDpng", "23");
                    Line Deleted : user_pref("extensions.delta.cntry", "NL");
                    Line Deleted : user_pref("extensions.delta.dfltLng", "nl");
                    Line Deleted : user_pref("extensions.delta.excTlbr", false);
                    Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
                    Line Deleted : user_pref("extensions.delta.hdrMd5", "6569EF4CB4BD32C0CF315A3085BC3220");
                    Line Deleted : user_pref("extensions.delta.id", "5875b8920000000000008c89a585c9d9");
                    Line Deleted : user_pref("extensions.delta.instlDay", "15940");
                    Line Deleted : user_pref("extensions.delta.instlRef", "sst");
                    Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.24.611:57:19");
                    Line Deleted : user_pref("extensions.delta.newTab", false);
                    Line Deleted : user_pref("extensions.delta.prdct", "delta");
                    Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
                    Line Deleted : user_pref("extensions.delta.rvrt", "false");
                    Line Deleted : user_pref("extensions.delta.sg", "azb");
                    Line Deleted : user_pref("extensions.delta.smplGrp", "none");
                    Line Deleted : user_pref("extensions.delta.tlbrId", "base");
                    Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
                    Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
                    Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.611:57:19");
                    Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
                    Line Deleted : user_pref("extensions.delta_i.babExt", "");
                    Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119842&tsp=4983");
                    Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");

                    *************************

                    AdwCleaner[R0].txt - [4367 octets] - [01/11/2013 22:13:51]
                    AdwCleaner[S0].txt - [4188 octets] - [01/11/2013 22:15:53]

                    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4248 octets] ##########



                    • #11
                      Oh, by the way, we don't only have a C drive but also a D drive, where all the documents, photos, downloads etc. are stored... Maybe useful to know?



                      • #12
                        Hello,

                        Scan again with AdwCleaner and post the log you get.



                        • #13
                          I scanned late last night (R1), scanned once more this morning and then pressed Clean again (R2), and just now scanned again (R3), but haven't pressed Clean yet! These are the logs from those scans:

                          R1:
                          # AdwCleaner v3.010 - Report created 01/11/2013 at 22:32:04
                          # Updated 20/10/2013 by Xplode
                          # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
                          # Username : PC - KRAAKMAN
                          # Running from : C:\Users\PC\Desktop\adwcleaner.exe
                          # Option : Scan

                          ***** [ Services ] *****


                          ***** [ Files / Folders ] *****


                          ***** [ Shortcuts ] *****


                          ***** [ Registry ] *****


                          ***** [ Browsers ] *****

                          -\\ Internet Explorer v10.0.9200.16720


                          -\\ Mozilla Firefox v24.0 (nl)

                          [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]


                          *************************

                          AdwCleaner[R0].txt - [4367 octets] - [01/11/2013 22:13:51]
                          AdwCleaner[R1].txt - [681 octets] - [01/11/2013 22:32:04]
                          AdwCleaner[S0].txt - [4336 octets] - [01/11/2013 22:15:53]

                          ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [800 octets] ##########

                          S1:

                          # AdwCleaner v3.010 - Report created 01/11/2013 at 22:32:31
                          # Updated 20/10/2013 by Xplode
                          # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
                          # Username : PC - KRAAKMAN
                          # Running from : C:\Users\PC\Desktop\adwcleaner.exe
                          # Option : Clean

                          ***** [ Services ] *****


                          ***** [ Files / Folders ] *****


                          ***** [ Shortcuts ] *****


                          ***** [ Registry ] *****


                          ***** [ Browsers ] *****

                          -\\ Internet Explorer v10.0.9200.16720


                          -\\ Mozilla Firefox v24.0 (nl)

                          [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]


                          *************************

                          AdwCleaner[R0].txt - [4367 octets] - [01/11/2013 22:13:51]
                          AdwCleaner[R1].txt - [879 octets] - [01/11/2013 22:32:04]
                          AdwCleaner[S0].txt - [4336 octets] - [01/11/2013 22:15:53]
                          AdwCleaner[S1].txt - [801 octets] - [01/11/2013 22:32:31]

                          ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [860 octets] ##########

                          R2:

                          # AdwCleaner v3.010 - Report created 02/11/2013 at 09:13:04
                          # Updated 20/10/2013 by Xplode
                          # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
                          # Username : PC - KRAAKMAN
                          # Running from : C:\Users\PC\Desktop\adwcleaner.exe
                          # Option : Scan

                          ***** [ Services ] *****


                          ***** [ Files / Folders ] *****


                          ***** [ Shortcuts ] *****


                          ***** [ Registry ] *****


                          ***** [ Browsers ] *****

                          -\\ Internet Explorer v10.0.9200.16720


                          -\\ Mozilla Firefox v24.0 (nl)

                          [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]


                          *************************

                          AdwCleaner[R0].txt - [4367 octets] - [01/11/2013 22:13:51]
                          AdwCleaner[R1].txt - [879 octets] - [01/11/2013 22:32:04]
                          AdwCleaner[R2].txt - [740 octets] - [02/11/2013 09:13:04]
                          AdwCleaner[S0].txt - [4336 octets] - [01/11/2013 22:15:53]
                          AdwCleaner[S1].txt - [939 octets] - [01/11/2013 22:32:31]

                          ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [918 octets] ##########

                          S2:

                          # AdwCleaner v3.010 - Report created 02/11/2013 at 09:14:35
                          # Updated 20/10/2013 by Xplode
                          # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
                          # Username : PC - KRAAKMAN
                          # Running from : C:\Users\PC\Desktop\adwcleaner.exe
                          # Option : Clean

                          ***** [ Services ] *****


                          ***** [ Files / Folders ] *****


                          ***** [ Shortcuts ] *****


                          ***** [ Registry ] *****


                          ***** [ Browsers ] *****

                          -\\ Internet Explorer v10.0.9200.16720


                          -\\ Mozilla Firefox v24.0 (nl)

                          [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]


                          *************************

                          AdwCleaner[R0].txt - [4367 octets] - [01/11/2013 22:13:51]
                          AdwCleaner[R1].txt - [879 octets] - [01/11/2013 22:32:04]
                          AdwCleaner[R2].txt - [997 octets] - [02/11/2013 09:13:04]
                          AdwCleaner[S0].txt - [4336 octets] - [01/11/2013 22:15:53]
                          AdwCleaner[S1].txt - [939 octets] - [01/11/2013 22:32:31]
                          AdwCleaner[S2].txt - [919 octets] - [02/11/2013 09:14:35]

                          ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [978 octets] ##########



                          R3:
                          # AdwCleaner v3.010 - Report created 02/11/2013 at 11:08:35
                          # Updated 20/10/2013 by Xplode
                          # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
                          # Username : PC - KRAAKMAN
                          # Running from : C:\Users\PC\Desktop\adwcleaner.exe
                          # Option : Scan

                          ***** [ Services ] *****


                          ***** [ Files / Folders ] *****


                          ***** [ Shortcuts ] *****


                          ***** [ Registry ] *****


                          ***** [ Browsers ] *****

                          -\\ Internet Explorer v10.0.9200.16720


                          -\\ Mozilla Firefox v24.0 (nl)

                          [ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\az5pn00u.default\prefs.js ]


                          *************************

                          AdwCleaner[R0].txt - [4367 octets] - [01/11/2013 22:13:51]
                          AdwCleaner[R1].txt - [879 octets] - [01/11/2013 22:32:04]
                          AdwCleaner[R2].txt - [997 octets] - [02/11/2013 09:13:04]
                          AdwCleaner[R3].txt - [799 octets] - [02/11/2013 11:08:35]
                          AdwCleaner[S0].txt - [4336 octets] - [01/11/2013 22:15:53]
                          AdwCleaner[S1].txt - [939 octets] - [01/11/2013 22:32:31]
                          AdwCleaner[S2].txt - [1057 octets] - [02/11/2013 09:14:35]

                          ########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1037 octets] ##########



                          • #14
                            Those logs look good. I assume the problem is still there?


                            Download TDSSKiller and place it on your desktop.
                            Double-click TDSSKiller.exe to start the tool.
                            Click "Change parameters" and tick:
                            - Services and drivers
                            - Boot sectors
                            - Verify drivers digital signatures
                            Click "OK".
                            Click the "Start Scan" button and follow the instructions.
                            When the scan is finished, click the "Report" button.
                            A Notepad file opens. Post the contents of this file.
                            If TDSSKiller offers to cure a file (Cure), allow it. In that case you will be asked to restart the computer. Do so immediately.
                            Skip the unsigned files.
                            Let Rootkit.Boot.SST.b and others such as Sinowal, ZeroAccess or Whistler be cured (Cure).
                            After the reboot you will find the log on c:\ with the name TDSSKiller.version_date_time_log.txt.
                            Post that log.



                            • #15
                              Hello,

                              Here is the log (the first half). I was not asked to cure a file.

                              11:38:47.0004 0x0348 TDSS rootkit removing tool 3.0.0.16 Nov 1 2013 15:53:38
                              11:38:52.0828 0x0348 ============================================================
                              11:38:52.0828 0x0348 Current date / time: 2013/11/02 11:38:52.0828
                              11:38:52.0828 0x0348 SystemInfo:
                              11:38:52.0828 0x0348
                              11:38:52.0828 0x0348 OS Version: 6.1.7601 ServicePack: 1.0
                              11:38:52.0828 0x0348 Product type: Workstation
                              11:38:52.0828 0x0348 ComputerName: KRAAKMAN
                              11:38:52.0828 0x0348 UserName: PC
                              11:38:52.0828 0x0348 Windows directory: C:\windows
                              11:38:52.0828 0x0348 System windows directory: C:\windows
                              11:38:52.0828 0x0348 Running under WOW64
                              11:38:52.0828 0x0348 Processor architecture: Intel x64
                              11:38:52.0828 0x0348 Number of processors: 4
                              11:38:52.0828 0x0348 Page size: 0x1000
                              11:38:52.0828 0x0348 Boot type: Normal boot
                              11:38:52.0828 0x0348 ============================================================
                              11:38:57.0729 0x0348 System UUID: {CE3B257E-7521-4B88-CB84-FA55ABA47F5C}
                              11:38:58.0251 0x0348 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
                              11:38:58.0256 0x0348 ============================================================
                              11:38:58.0256 0x0348 \Device\Harddisk0\DR0:
                              11:38:58.0257 0x0348 MBR partitions:
                              11:38:58.0257 0x0348 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2710800, BlocksNum 0x32000
                              11:38:58.0257 0x0348 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2742800, BlocksNum 0xF03C000
                              11:38:58.0257 0x0348 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1177E800, BlocksNum 0xD7689800
                              11:38:58.0257 0x0348 ============================================================
                              11:38:58.0285 0x0348 C: <-> \Device\Harddisk0\DR0\Partition2
                              11:38:58.0308 0x0348 D: <-> \Device\Harddisk0\DR0\Partition3
                              11:38:58.0308 0x0348 ============================================================
                              11:38:58.0308 0x0348 Initialize success
                              11:38:58.0308 0x0348 ============================================================
                              11:39:34.0709 0x16e8 ============================================================
                              11:39:34.0709 0x16e8 Scan started
                              11:39:34.0709 0x16e8 Mode: Manual; SigCheck;
                              11:39:34.0709 0x16e8 ============================================================
                              11:39:34.0709 0x16e8 KSN ping started
                              11:39:35.0797 0x16e8 KSN ping finished: true
                              11:39:36.0775 0x16e8 ================ Scan services =============================
                              11:39:40.0972 0x16e8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
                              11:39:40.0989 0x16e8 clr_optimization_v2.0.50727_64 - ok
                              11:39:41.0061 0x16e8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                              11:39:41.0208 0x16e8 clr_optimization_v4.0.30319_32 - ok
                              11:39:41.0242 0x16e8 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
                              11:39:41.0255 0x16e8 clr_optimization_v4.0.30319_64 - ok
                              11:39:41.0265 0x16e8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\drivers\CmBatt.sys
                              11:39:41.0287 0x16e8 CmBatt - ok
                              11:39:41.0305 0x16e8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
                              11:39:41.0319 0x16e8 cmdide - ok
                              11:39:41.0353 0x16e8 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\windows\system32\Drivers\cng.sys
                              11:39:41.0375 0x16e8 CNG - ok
                              11:39:41.0387 0x16e8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
                              11:39:41.0400 0x16e8 Compbatt - ok
                              11:39:41.0429 0x16e8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
                              11:39:41.0450 0x16e8 CompositeBus - ok
                              11:39:41.0452 0x16e8 COMSysApp - ok
                              11:39:41.0530 0x16e8 [ F08C6020E57F5E5BF2FD034DB10BEDFB, 288EA64A57057EAD135685F2C46CA53BA0319EA28B7B7A2ECBE29E50ED807FCA ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
                              11:39:41.0579 0x16e8 cphs - ok
                              11:39:41.0594 0x16e8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
                              11:39:41.0609 0x16e8 crcdisk - ok
                              11:39:41.0658 0x16e8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
                              11:39:41.0692 0x16e8 CryptSvc - ok
                              11:39:41.0720 0x16e8 [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA C:\windows\system32\DRIVERS\CVirtA64.sys
                              11:39:41.0733 0x16e8 CVirtA - ok
                              11:39:41.0794 0x16e8 [ 98C413E1A2FB6E5A4C101C25B3D0B275, 86C02211285F1807A6B276F07C56DE1A54BD5947E513884D8D971A22F4362849 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
                              11:39:41.0866 0x16e8 CVPND - ok
                              11:39:41.0894 0x16e8 [ 79AF0E203D089AF442A3F70ED00A37FB, BF28BF9AEE23A3052D5ADA6C1B4C255C5F09DED69BB88D2CA3C011D2C3CFA8C1 ] CVPNDRVA C:\windows\system32\Drivers\CVPNDRVA.sys
                              11:39:41.0907 0x16e8 CVPNDRVA - ok
                              11:39:41.0929 0x16e8 [ A5D3D53178394CC7A8A26BB532575B59, 2343AD3AD9598D49C3936BEAB633242AC7FC88CBC0A4DF6EAC19B2FEE694CF9E ] dc3d C:\windows\system32\drivers\dc3d.sys
                              11:39:41.0938 0x16e8 dc3d - ok
                              11:39:41.0970 0x16e8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
                              11:39:42.0024 0x16e8 DcomLaunch - ok
                              11:39:42.0062 0x16e8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
                              11:39:42.0106 0x16e8 defragsvc - ok
                              11:39:42.0121 0x16e8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
                              11:39:42.0173 0x16e8 DfsC - ok
                              11:39:42.0230 0x16e8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
                              11:39:42.0289 0x16e8 Dhcp - ok
                              11:39:42.0334 0x16e8 DigiRefresh - ok
                              11:39:42.0350 0x16e8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
                              11:39:42.0405 0x16e8 discache - ok
                              11:39:42.0432 0x16e8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
                              11:39:42.0441 0x16e8 Disk - ok
                              11:39:42.0447 0x16e8 [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE C:\windows\system32\DRIVERS\dne64x.sys
                              11:39:42.0462 0x16e8 DNE - ok
                              11:39:42.0475 0x16e8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
                              11:39:42.0517 0x16e8 Dnscache - ok
                              11:39:42.0541 0x16e8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
                              11:39:42.0573 0x16e8 dot3svc - ok
                              11:39:42.0601 0x16e8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
                              11:39:42.0639 0x16e8 DPS - ok
                              11:39:42.0656 0x16e8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
                              11:39:42.0675 0x16e8 drmkaud - ok
                              11:39:42.0716 0x16e8 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
                              11:39:42.0743 0x16e8 DXGKrnl - ok
                              11:39:42.0759 0x16e8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
                              11:39:42.0788 0x16e8 EapHost - ok
                              11:39:42.0880 0x16e8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
                              11:39:43.0045 0x16e8 ebdrv - ok
                              11:39:43.0059 0x16e8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\windows\System32\lsass.exe
                              11:39:43.0093 0x16e8 EFS - ok
                              11:39:43.0151 0x16e8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
                              11:39:43.0227 0x16e8 ehRecvr - ok
                              11:39:43.0245 0x16e8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
                              11:39:43.0279 0x16e8 ehSched - ok
                              11:39:43.0338 0x16e8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
                              11:39:43.0366 0x16e8 elxstor - ok
                              11:39:43.0384 0x16e8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
                              11:39:43.0417 0x16e8 ErrDev - ok
                              11:39:43.0445 0x16e8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
                              11:39:43.0490 0x16e8 EventSystem - ok
                              11:39:43.0501 0x16e8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
                              11:39:43.0536 0x16e8 exfat - ok
                              11:39:43.0561 0x16e8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
                              11:39:43.0592 0x16e8 fastfat - ok
                              11:39:43.0641 0x16e8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
                              11:39:43.0695 0x16e8 Fax - ok
                              11:39:43.0705 0x16e8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
                              11:39:43.0743 0x16e8 fdc - ok
                              11:39:43.0763 0x16e8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
                              11:39:43.0789 0x16e8 fdPHost - ok
                              11:39:43.0801 0x16e8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
                              11:39:43.0844 0x16e8 FDResPub - ok
                              11:39:43.0854 0x16e8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
                              11:39:43.0863 0x16e8 FileInfo - ok
                              11:39:43.0871 0x16e8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
                              11:39:43.0898 0x16e8 Filetrace - ok
                              11:39:43.0988 0x16e8 [ ACEFEEA621DCA62EFB7A7EEA59F5E91B, 1D998E25B2C4C2DB51BF5E76BD0EFCA172CFC9BC16AFE7044BFC7A9FCF346154 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
                              11:39:44.0061 0x16e8 FLEXnet Licensing Service - ok
                              11:39:44.0075 0x16e8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
                              11:39:44.0099 0x16e8 flpydisk - ok
                              11:39:44.0119 0x16e8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
                              11:39:44.0134 0x16e8 FltMgr - ok
                              11:39:44.0184 0x16e8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
                              11:39:44.0265 0x16e8 FontCache - ok
                              11:39:44.0298 0x16e8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
                              11:39:44.0313 0x16e8 FontCache3.0.0.0 - ok
                              11:39:44.0329 0x16e8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
                              11:39:44.0342 0x16e8 FsDepends - ok
                              11:39:44.0387 0x16e8 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
                              11:39:44.0413 0x16e8 fssfltr - ok
                              11:39:44.0532 0x16e8 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
                              11:39:44.0592 0x16e8 fsssvc - ok
                              11:39:44.0600 0x16e8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
                              11:39:44.0609 0x16e8 Fs_Rec - ok
                              11:39:44.0642 0x16e8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
                              11:39:44.0657 0x16e8 fvevol - ok
                              11:39:44.0674 0x16e8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
                              11:39:44.0690 0x16e8 gagp30kx - ok
                              11:39:44.0729 0x16e8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
                              11:39:44.0757 0x16e8 GEARAspiWDM - ok
                              11:39:44.0794 0x16e8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
                              11:39:44.0862 0x16e8 gpsvc - ok
                              11:39:44.0876 0x16e8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
                              11:39:44.0923 0x16e8 hcw85cir - ok
                              11:39:44.0955 0x16e8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
                              11:39:44.0989 0x16e8 HdAudAddService - ok
                              11:39:45.0008 0x16e8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
                              11:39:45.0028 0x16e8 HDAudBus - ok
                              11:39:45.0037 0x16e8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
                              11:39:45.0068 0x16e8 HidBatt - ok
                              11:39:45.0103 0x16e8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
                              11:39:45.0138 0x16e8 HidBth - ok
                              11:39:45.0162 0x16e8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
                              11:39:45.0181 0x16e8 HidIr - ok
                              11:39:45.0190 0x16e8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
                              11:39:45.0218 0x16e8 hidserv - ok
                              11:39:45.0273 0x16e8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
                              11:39:45.0295 0x16e8 HidUsb - ok
                              11:39:45.0309 0x16e8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
                              11:39:45.0348 0x16e8 hkmsvc - ok
                              11:39:45.0365 0x16e8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
                              11:39:45.0385 0x16e8 HomeGroupListener - ok
                              11:39:45.0420 0x16e8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
                              11:39:45.0450 0x16e8 HomeGroupProvider - ok
                              11:39:45.0465 0x16e8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
                              11:39:45.0480 0x16e8 HpSAMD - ok
                              11:39:45.0552 0x16e8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
                              11:39:45.0610 0x16e8 HTTP - ok
                              11:39:45.0635 0x16e8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
                              11:39:45.0643 0x16e8 hwpolicy - ok
                              11:39:45.0664 0x16e8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
                              11:39:45.0676 0x16e8 i8042prt - ok
                              11:39:45.0700 0x16e8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
                              11:39:45.0726 0x16e8 iaStorV - ok
                              11:39:45.0779 0x16e8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
                              11:39:45.0822 0x16e8 idsvc - ok
                              11:39:46.0176 0x16e8 [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
                              11:39:46.0777 0x16e8 igfx - ok
                              11:39:46.0808 0x16e8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
                              11:39:46.0822 0x16e8 iirsp - ok
                              11:39:46.0861 0x16e8 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\windows\System32\ikeext.dll
                              11:39:46.0923 0x16e8 IKEEXT - ok
                              11:39:47.0031 0x16e8 [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
                              11:39:47.0101 0x16e8 IntcAzAudAddService - ok
                              11:39:47.0114 0x16e8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
                              11:39:47.0127 0x16e8 intelide - ok
                              11:39:47.0137 0x16e8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
                              11:39:47.0159 0x16e8 intelppm - ok
                              11:39:47.0176 0x16e8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
                              11:39:47.0212 0x16e8 IPBusEnum - ok
                              11:39:47.0229 0x16e8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
                              11:39:47.0267 0x16e8 IpFilterDriver - ok
                              11:39:47.0306 0x16e8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
                              11:39:47.0353 0x16e8 iphlpsvc - ok
                              11:39:47.0370 0x16e8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
                              11:39:47.0388 0x16e8 IPMIDRV - ok
                              11:39:47.0399 0x16e8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
                              11:39:47.0427 0x16e8 IPNAT - ok
                              11:39:47.0495 0x16e8 [ 4EFFC8FF6D349E971E94B1C670C0C66A, E92DA19CE9725BB4CC34DF94873C6B441AE61679A8C615780E1A1E9404C8FA26 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
                              11:39:47.0516 0x16e8 iPod Service - ok
                              11:39:47.0525 0x16e8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
                              11:39:47.0552 0x16e8 IRENUM - ok
                              11:39:47.0576 0x16e8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
                              11:39:47.0590 0x16e8 isapnp - ok
                              11:39:47.0615 0x16e8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
                              11:39:47.0636 0x16e8 iScsiPrt - ok
                              11:39:47.0656 0x16e8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
                              11:39:47.0665 0x16e8 kbdclass - ok
                              11:39:47.0672 0x16e8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
                              11:39:47.0693 0x16e8 kbdhid - ok
                              11:39:47.0715 0x16e8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\windows\system32\lsass.exe
                              11:39:47.0725 0x16e8 KeyIso - ok
                              11:39:47.0846 0x16e8 [ 549F9D454E9E6697B108F16C569B505A, ED3D637383DB50F13153BBD7A91DD5CADDFA242C6DF1FEA41A3FEC1C6D6C789E ] KL1 C:\windows\system32\DRIVERS\kl1.sys
                              11:39:47.0863 0x16e8 KL1 - ok
                              11:39:47.0928 0x16e8 [ 08DF1B7A82837B92096EC7597C00889A, 3FED44D08BA52E02C8818CE9D08AC617998A025B39486289A41965AE9B7E88EF ] KLIF C:\windows\system32\DRIVERS\klif.sys
                              11:39:47.0948 0x16e8 KLIF - ok
                              11:39:47.0962 0x16e8 [ A7DFA9A2554143667E830E8ABE452D70, 98F6BAC5AEC48871819D50139AA6B6FB27AE9AEEEC8E18188D64B0736F8EC170 ] KLIM6 C:\windows\system32\DRIVERS\klim6.sys
                              11:39:47.0970 0x16e8 KLIM6 - ok
                              11:39:47.0977 0x16e8 [ E6FAA395058F7BAF0F3529CDBA9B7133, 089D1F0835DF99BC6A99C3E96DAE415494C5C33DB48753D23D91D2DEC0BEA192 ] klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys
                              11:39:47.0991 0x16e8 klkbdflt - ok
                              11:39:48.0007 0x16e8 [ D398DABD44FDDDBED305442BB7BCDB29, A478A5B7C3ADD7802F55D94A6A70BAB3414358136C86B46A720CF7427615460E ] klmouflt C:\windows\system32\DRIVERS\klmouflt.sys
                              11:39:48.0015 0x16e8 klmouflt - ok
                              11:39:48.0029 0x16e8 [ B9B2AEEE5E17B2CEBC034FF2748577A0, 9D36C9CAD35E679D74E903B7C7BBA16B6A013FB439418D29E5D16C0E55912E76 ] kltdi C:\windows\system32\DRIVERS\kltdi.sys
                              11:39:48.0038 0x16e8 kltdi - ok
                              11:39:48.0050 0x16e8 [ 8E880E08D7453DB58DAC36C2C48FFD45, BAB9443D728E7A4B7AD10A4681CBF1F53041451E2B8B67EFE0813027DB311BE7 ] kneps C:\windows\system32\DRIVERS\kneps.sys
                              11:39:48.0061 0x16e8 kneps - ok
                              11:39:48.0079 0x16e8 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
                              11:39:48.0089 0x16e8 KSecDD - ok
                              11:39:48.0100 0x16e8 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
                              11:39:48.0111 0x16e8 KSecPkg - ok
                              11:39:48.0114 0x16e8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
                              11:39:48.0146 0x16e8 ksthunk - ok
                              11:39:48.0172 0x16e8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
                              11:39:48.0220 0x16e8 KtmRm - ok
                              11:39:48.0254 0x16e8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
                              11:39:48.0292 0x16e8 LanmanServer - ok
                              11:39:48.0307 0x16e8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
                              11:39:48.0341 0x16e8 LanmanWorkstation - ok
