Lots of pop-ups from fake antivirus programs

  • Lots of pop-ups from fake antivirus programs

    Hi all,

    Lately I have been getting an enormous number of pop-ups from all kinds of (fake) antivirus vendors. I ran MBAM. It found quite a few infections. Now, however, MBAM says the computer is clean, but unfortunately the problem has not been solved yet. In the meantime I have also run HijackThis. The log is below.
    Who can help me?

    HijackThis log:
    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 11:07:16, on 7-5-2014
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v10.0 (10.00.9200.16537)


    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    c:\program files (x86)\teamviewer\version9\TeamViewer.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
    C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
    C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    C:\Users\Jan\Desktop\Egbert\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1396969835&from=amt&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S236683066830&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (file missing)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe
    O23 - Service: AlienFXWindowsService - Alienware - C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Alienware Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: MSI_ODD_Service - Micro-Star Int'l Co., Ltd. - c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\SftService.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

    --
    End of file - 9509 bytes


    Thanks in advance!

  • #2
    Hi Highfive0980 and welcome to the Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:

    • Log in only as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions I give.
    • Follow only the advice given by me.
    • Stay with this topic until I have reported that your PC is clean.
    • If there is something you do not know or understand, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, do not go and try something "else"; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs. ( INFO )
    • Please do not post the logs as an attachment, nor between code tags.

    Note: Always run all tools as admin.
    The instructions given are valid only for your PC.

    Step 1:

    Scanning for and removing malware....

    If you already have MBAM on your PC, you do not need to download it, of course.

    Download Malwarebytes Anti-Malware to your desktop.

    Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure, you get a screen where you must click "Finish".
    If you do not wish to evaluate MBAM, uncheck the first option and only then click "Finish".


    Make sure that after the installation there is a check mark next to:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Finish". If an update is found, it will be downloaded and installed.

    As soon as the program has started, go to the "Settings" tab.
    • Check here: "Close Internet Explorer during malware removal".
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL Scan" here.
    • Then press "Scan" to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is complete, click OK, then "View Results" to see the results.
    • Make sure everything is checked there, then click "Remove Selected".
    • After removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, then do so.
    Once you have restarted, run a new quick scan with MBAM.
    In that case you therefore post both logs. So a second "quick scan" log only if the FULL scan found "something".

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.


    In case of problems!!!

    ___________________________________________________________

    Step 2:

    Checking for bad toolbars...

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan
    • Click Clean

    All icons disappear from the desktop; this is normal.
    Your PC is restarted and a log file opens (C:\AdwCleaner\AdwCleaner[xx].txt).
    Post its contents here on the forum.

    I only need the log from after the "Clean" option.

    Do not forget to turn off your "smileys".

    If your start page was also hijacked, then set the search engine again.
    By default AdwCleaner resets it to Google.com.
    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If script execution is disabled, re-enable it so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this may be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files to your desktop.

    Post the contents of DDS.txt.

    You should not post the contents of Attach.txt, and you should not add Attach.txt as an attachment to your post, unless I ask for it.


    ___________________________________________________________

    Step 4:

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears ( checkup.txt )
    Place its contents in your next reply.


    In your next post, I would like to see the following logs, made in the listed order:

    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    Please do NOT post these logs as an attachment or between code tags.
    (In multiple posts if necessary.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Removing McAfee. * Ccleaner * E-Peek



    • #3
      log files

      Hi Emphyrio,

      Thank you very much for your reply. Here are the requested logs:

      MBAM:
      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scandatum: 7-5-2014
      Scantijd: 14:18:05
      Logbestand: mbam.txt
      Beheerder: Ja

      Versie: 2.00.1.1004
      Malwaredatabase: v2014.05.07.03
      Rootkitdatabase: v2014.03.27.01
      Licentie: Gratis
      Malwarebescherming: Uitgeschakeld
      Kwaadaardige Website Bescherming: Uitgeschakeld
      Chameleon: Uitgeschakeld

      Besturingssysteem: Windows 8
      Processor: x64
      Bestandssysteem: NTFS
      Gebruiker: Jan

      Scantype: Bedreigingsscan
      Resultaat: Voltooid
      Objecten Gescand: 299119
      Verstreken Tijd: 4 m, 33 s

      Geheugen: Ingeschakeld
      Opstarten: Ingeschakeld
      Bestandssysteem: Ingeschakeld
      Archieven: Ingeschakeld
      Rootkits: Uitgeschakeld
      Shuriken: Ingeschakeld
      POP: Ingeschakeld
      POA: Ingeschakeld

      Processen: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registersleutels: 0
      (No malicious items detected)

      Registerwaardes: 0
      (No malicious items detected)

      Registerdata: 0
      (No malicious items detected)

      Mappen: 0
      (No malicious items detected)

      Bestanden: 0
      (No malicious items detected)

      Fysieke Sectoren: 0
      (No malicious items detected)


      (end)

      AdwCleaner:
      # AdwCleaner v3.207 - Rapport aangemaakt 07/05/2014 op 14:19:32
      # Laatste Update 05/05/2014 door Xplode
      # Besturingssysteem : Windows 8 (64 bits)
      # Gebruikersnaam : Jan - KINDER-PC
      # Gestart vanuit : C:\Users\Jan\Desktop\Egbert\adwcleaner.exe
      # Optie : Verwijderen

      ***** [ Services ] *****


      ***** [ Bestanden / Mappen ] *****

      Map Verwijderd : C:\ProgramData\WPM
      Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Dr
      Map Verwijderd : C:\Program Files (x86)\Registry Dr
      Map Verwijderd : C:\windows\SysWOW64\AI_RecycleBin
      Map Verwijderd : C:\Users\Jan\AppData\Local\RegistryDr
      Map Verwijderd : C:\Users\Jan\AppData\Roaming\SupTab
      Map Verwijderd : C:\Users\Jan\Documents\RegistryDr

      ***** [ Snelkoppelingen ] *****

      Snelkoppeling Gedesinfecteerd : C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      Snelkoppeling Gedesinfecteerd : C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

      ***** [ Register ] *****

      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
      Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
      Sleutel Verwijderd : HKCU\Software\installedbrowserextensions
      Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
      Sleutel Verwijderd : HKLM\Software\IePlugin
      Sleutel Verwijderd : HKLM\Software\installedbrowserextensions
      Sleutel Verwijderd : HKLM\Software\supTab
      Sleutel Verwijderd : HKLM\Software\supWPM
      Sleutel Verwijderd : HKLM\Software\Wpm
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\installedbrowserextensions

      ***** [ Browsers ] *****

      -\\ Internet Explorer v10.0.9200.16537

      Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
      Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

      *************************

      AdwCleaner[R0].txt - [3120 octets] - [07/05/2014 14:19:16]
      AdwCleaner[S0].txt - [2539 octets] - [07/05/2014 14:19:32]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2599 octets] ##########

      DDS:
      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.55.2
      Run by Jan at 14:23:48 on 2014-05-07
      Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.8079.6447 [GMT 2:00]
      .
      AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\windows\system32\svchost.exe -k RPCSS
      C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\windows\system32\svchost.exe -k netsvcs
      C:\windows\system32\svchost.exe -k LocalService
      C:\windows\system32\dwm.exe
      C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\windows\system32\svchost.exe -k NetworkService
      C:\windows\System32\spoolsv.exe
      C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      C:\windows\system32\nvvsvc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
      C:\windows\system32\dashost.exe
      C:\Program Files\Intel\iCLS Client\HeciServer.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
      C:\windows\System32\svchost.exe -k HPZ12
      C:\windows\System32\svchost.exe -k HPZ12
      C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      C:\windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
      C:\Program Files\Windows Defender\MsMpEng.exe
      C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
      C:\windows\system32\wbem\wmiprvse.exe
      C:\windows\system32\svchost.exe -k HPService
      C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
      C:\windows\system32\taskhostex.exe
      C:\windows\Explorer.EXE
      c:\program files (x86)\teamviewer\version9\TeamViewer.exe
      C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
      C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
      C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      C:\windows\system32\SearchIndexer.exe
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      C:\windows\System32\igfxpers.exe
      C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
      C:\Program Files (x86)\Skype\Phone\Skype.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
      C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
      C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
      C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Alienware\Command Center\AlienFusionService.exe
      C:\Program Files\Alienware\Command Center\AlienFusionController.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Program Files (x86)\AlienRespawn\SftService.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files (x86)\AlienRespawn\TOASTER.EXE
      C:\windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxps://www.google.nl/
      uDefault_Page_URL = www.google.com
      mStart Page = www.google.com
      mSearch Page = hxxp://www.google.com
      mDefault_Page_URL = www.google.com
      mDefault_Search_URL = www.google.com
      mWinlogon: Userinit = userinit.exe,
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
      mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
      mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
      mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
      TCP: NameServer = 192.168.10.1
      TCP: Interfaces\{D9D92B5A-679B-4F9F-9F1F-877B50984D95} : DHCPNameServer = 192.168.10.1
      TCP: Interfaces\{D9D92B5A-679B-4F9F-9F1F-877B50984D95}\44560235075656C626F6562746562796A6 : DHCPNameServer = 192.168.10.1
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
      SSODL: WebCheck - <orphaned>
      x64-mStart Page = www.google.com
      x64-mSearch Page = hxxp://www.google.com
      x64-mDefault_Page_URL = www.google.com
      x64-mDefault_Search_URL = www.google.com
      x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
      x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
      x64-Run: [Command Center Controllers] "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
      x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
      x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
      x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-Notify: igfxcui - igfxdev.dll
      x64-SSODL: WebCheck - <orphaned>
      .
      ============= SERVICES / DRIVERS ===============
      .
      R1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64;C:\windows\System32\Drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [2014-5-1 61120]
      R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2013-2-8 92536]
      R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-2-8 98208]
      R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2012-7-25 14704]
      R2 AlienFXWindowsService;AlienFXWindowsService;C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [2012-7-25 13168]
      R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
      R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-8 166720]
      R2 MSI_ODD_Service;MSI_ODD_Service;C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe [2011-10-5 76800]
      R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2013-2-8 1914728]
      R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-7-31 382312]
      R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-5-7 5024576]
      R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-2-8 365376]
      R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2013-2-8 77824]
      R3 CompFilter64;UVCCompositeFilter;C:\windows\System32\Drivers\lvbflt64.sys [2012-10-26 26784]
      R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2013-2-8 342528]
      R3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\Drivers\lvrs64.sys [2012-10-26 351520]
      R3 LVUVC64;@oem153.inf,%PID_0826_DD%(UVC);Logitech HD Webcam C525(UVC);C:\windows\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
      R3 NTIOLib_X64;NTIOLib_X64;C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [2010-1-18 14136]
      R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-2-8 683664]
      S2 DellDigitalDelivery;Alienware Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-6-19 173056]
      S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
      S3 DellRbtn;Airplane Mode Switch;C:\windows\System32\Drivers\DellRbtn.sys [2013-2-8 10752]
      S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\windows\System32\Drivers\nvstusb.sys [2013-2-8 445288]
      S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2013-3-18 54784]
      S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
      .
      =============== Created Last 30 ================
      .
      2014-05-07 12:18:59 -------- d-----w- C:\AdwCleaner
      2014-05-07 07:01:09 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
      2014-05-07 07:00:57 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
      2014-05-07 07:00:57 63192 ----a-w- C:\windows\System32\drivers\mwac.sys
      2014-05-07 07:00:57 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
      2014-05-07 07:00:57 -------- d-----w- C:\ProgramData\Malwarebytes
      2014-05-07 07:00:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
      2014-05-07 05:54:22 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B46B8A95-BF92-49DA-AB38-8A2960374DD8}\mpengine.dll
      2014-05-06 08:16:58 10651704 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
      2014-05-02 06:00:36 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
      2014-05-02 06:00:36 2706432 ----a-w- C:\windows\System32\mshtml.tlb
      2014-05-01 18:49:36 61120 ----a-w- C:\windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
      2014-04-27 16:01:06 -------- d-sh--w- C:\Recovery
      2014-04-27 07:07:54 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
      2014-04-24 19:38:34 693760 ----a-w- C:\windows\System32\WSShared.dll
      2014-04-24 19:38:34 628024 ----a-w- C:\windows\System32\NotificationUI.exe
      2014-04-24 19:38:33 566784 ----a-w- C:\windows\SysWow64\WSShared.dll
      2014-04-24 19:38:33 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
      2014-04-24 19:38:33 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
      2014-04-23 07:47:38 217776 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10237.bin
      2014-04-11 23:43:59 3959808 ----a-w- C:\windows\System32\jscript9.dll
      2014-04-11 23:43:59 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
      2014-04-11 23:43:56 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
      2014-04-09 12:36:54 978432 ----a-w- C:\windows\System32\KernelBase.dll
      2014-04-09 12:36:54 666112 ----a-w- C:\windows\SysWow64\KernelBase.dll
      2014-04-08 16:40:23 61120 ----a-w- C:\windows\System32\drivers\wStLibG64.sys
      2014-04-08 15:22:29 -------- d-----w- C:\ProgramData\Oracle
      2014-04-08 15:19:21 -------- d-----w- C:\Users\Jan\AppData\Roaming\.minecraft
      2014-04-08 15:16:44 -------- d-----w- C:\Users\Jan\AppData\Local\EuroTrade_A.L._Ltd
      2014-04-08 15:11:51 -------- d-----w- C:\Program Files (x86)\Minecraft
      2014-04-08 15:11:39 -------- d-----w- C:\Program Files (x86)\Privacy DR
      2014-04-08 15:11:31 -------- d-----w- C:\Users\Jan\AppData\Roaming\EuroTrade A.L. Ltd
      .
      ==================== Find3M ====================
      .
      2014-04-22 23:47:16 78296 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2014-04-22 23:47:16 694232 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
      2014-03-07 00:48:11 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
      2014-03-07 00:08:30 2240000 ----a-w- C:\windows\System32\wininet.dll
      2014-03-07 00:08:27 915968 ----a-w- C:\windows\System32\uxtheme.dll
      2014-02-08 04:34:42 4036608 ----a-w- C:\windows\System32\win32k.sys
      .
      ============= FINISH: 14:24:41,22 ===============

      checkup.txt:
      Results of screen317's Security Check version 0.99.82
      x64 (UAC is enabled)
      Internet Explorer 10 Out of date!
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      Windows Defender
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Java 7 Update 55
      ````````Process Check: objlist.exe by Laurent````````
      Windows Defender MSMpEng.exe
      Windows Defender MsMpEng.exe
      Windows Defender MpCmdRun.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: %
      ````````````````````End of Log``````````````````````



      • #4
        Great.

        Download or update CCleaner.

        Start CCleaner.
        • Run CCleaner and click Options in the left column
        • Select the Advanced tab
        • Clear the check mark next to Only delete files in Windows Temp folders older than 24 hours
        • Select the Settings tab
        • Clear the check mark next to "Automatically clean the computer...."
        • Click Cleaner in the left column.
        • Then click Analyze and Run Cleaner, in that order.
        • Next, click Registry in the left column
        • Click Scan for Issues.
        • When asked whether you want to back up the registry, click "Yes".
        • If errors are found, click the middle button: Fix All Selected Issues, then OK



        Download TDSSKiller and save it to your desktop.
        Extract the files in tdsskiller.zip.
        Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

        If TDSSKiller reports that an update is available, install it first (Load update).

        Click the "Start Scan" button and follow the instructions.
        Quarantine the items it finds.

        If a reboot is requested, click Reboot Now.
        Otherwise, click Report.
        Copy and paste the log file that appears.

        Note:

        If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * Remove McAfee. * Ccleaner * E-Peek



        • #5
          Hi Emphyrio,

          I carried out both tasks.
          Below is the TDSSKiller log, split across several posts:

          14:57:52.0765 0x0b88 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
          14:57:52.0765 0x0b88 UEFI system
          14:57:57.0750 0x0b88 ============================================================
          14:57:57.0750 0x0b88 Current date / time: 2014/05/07 14:57:57.0750
          14:57:57.0750 0x0b88 SystemInfo:
          14:57:57.0750 0x0b88
          14:57:57.0750 0x0b88 OS Version: 6.2.9200 ServicePack: 0.0
          14:57:57.0750 0x0b88 Product type: Workstation
          14:57:57.0750 0x0b88 ComputerName: KINDER-PC
          14:57:57.0750 0x0b88 UserName: Jan
          14:57:57.0750 0x0b88 Windows directory: C:\windows
          14:57:57.0750 0x0b88 System windows directory: C:\windows
          14:57:57.0750 0x0b88 Running under WOW64
          14:57:57.0750 0x0b88 Processor architecture: Intel x64
          14:57:57.0750 0x0b88 Number of processors: 8
          14:57:57.0750 0x0b88 Page size: 0x1000
          14:57:57.0750 0x0b88 Boot type: Normal boot
          14:57:57.0750 0x0b88 ============================================================
          14:57:58.0170 0x0b88 KLMD registered as C:\windows\system32\drivers\38882554.sys
          14:57:58.0290 0x0b88 System UUID: {AC8A65F6-D814-75CD-65F7-4A59B910A144}
          14:57:58.0635 0x0b88 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
          14:57:58.0635 0x0b88 ============================================================
          14:57:58.0635 0x0b88 \Device\Harddisk0\DR0:
          14:57:58.0640 0x0b88 GPT partitions:
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CCDC5232-8720-42D3-8866-91EC3B317ACE}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {FD74F51A-30EC-42F6-B981-4B8FD11C3726}, Name: Basic data partition, StartLBA 0xFC000, BlocksNum 0x14000
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A0307BA8-7EEC-4D89-BB41-EA15C8288998}, Name: Microsoft reserved partition, StartLBA 0x110000, BlocksNum 0x40000
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5DCA94B9-8253-43C1-8CB5-BA8ECACA942F}, Name: Basic data partition, StartLBA 0x150000, BlocksNum 0xFA000
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3E781D25-D8B2-4FE5-9CCE-946C489E7EB7}, Name: Basic data partition, StartLBA 0x24A000, BlocksNum 0x7332F000
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {803A6959-7FC8-4449-9D6C-2CFDB1065E58}, Name: , StartLBA 0x73579000, BlocksNum 0xE1000
          14:57:58.0660 0x0b88 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3EA468EB-97C6-4BCD-9902-8F48845CB19A}, Name: Microsoft recovery partition, StartLBA 0x7365A000, BlocksNum 0x10AC5B0
          14:57:58.0660 0x0b88 MBR partitions:
          14:57:58.0660 0x0b88 ============================================================
          14:57:58.0685 0x0b88 C: <-> \Device\Harddisk0\DR0\Partition5
          14:57:58.0685 0x0b88 ============================================================
          14:57:58.0685 0x0b88 Initialize success
          14:57:58.0685 0x0b88 ============================================================
          14:58:01.0472 0x0db8 ============================================================
          14:58:01.0472 0x0db8 Scan started
          14:58:01.0472 0x0db8 Mode: Manual;
          14:58:01.0472 0x0db8 ============================================================
          14:58:01.0472 0x0db8 KSN ping started
          14:58:03.0852 0x0db8 KSN ping finished: true
          14:58:03.0967 0x0db8 ================ Scan system memory ========================
          14:58:03.0967 0x0db8 System memory - ok
          14:58:03.0967 0x0db8 ================ Scan services =============================
          14:58:06.0263 0x0db8 GPIOClx0101 - ok
          14:58:06.0293 0x0db8 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\windows\System32\gpsvc.dll
          14:58:06.0308 0x0db8 gpsvc - ok
          14:58:06.0328 0x0db8 [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys
          14:58:06.0328 0x0db8 HDAudBus - ok
          14:58:06.0338 0x0db8 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\windows\System32\drivers\HidBatt.sys
          14:58:06.0338 0x0db8 HidBatt - ok
          14:58:06.0358 0x0db8 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\windows\System32\drivers\hidbth.sys
          14:58:06.0363 0x0db8 HidBth - ok
          14:58:06.0373 0x0db8 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\windows\System32\drivers\hidi2c.sys
          14:58:06.0373 0x0db8 hidi2c - ok
          14:58:06.0378 0x0db8 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\windows\System32\drivers\hidir.sys
          14:58:06.0378 0x0db8 HidIr - ok
          14:58:06.0388 0x0db8 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\windows\system32\hidserv.dll
          14:58:06.0388 0x0db8 hidserv - ok
          14:58:06.0408 0x0db8 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\windows\System32\drivers\hidusb.sys
          14:58:06.0408 0x0db8 HidUsb - ok
          14:58:06.0418 0x0db8 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\windows\system32\kmsvc.dll
          14:58:06.0418 0x0db8 hkmsvc - ok
          14:58:06.0438 0x0db8 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
          14:58:06.0443 0x0db8 HomeGroupListener - ok
          14:58:06.0468 0x0db8 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
          14:58:06.0473 0x0db8 HomeGroupProvider - ok
          14:58:06.0543 0x0db8 [ 930370725FA0FE272346583A7A7D6BDB, 98195638D548A6E5E574E062FDCF4E5833DDE834399787EC51C340699B6E5E64 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
          14:58:06.0548 0x0db8 hpqcxs08 - ok
          14:58:06.0553 0x0db8 [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
          14:58:06.0558 0x0db8 hpqddsvc - ok
          14:58:06.0558 0x0db8 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
          14:58:06.0563 0x0db8 HpSAMD - ok
          14:58:06.0588 0x0db8 [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
          14:58:06.0598 0x0db8 HPSLPSVC - ok
          14:58:06.0633 0x0db8 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\windows\system32\drivers\HTTP.sys
          14:58:06.0643 0x0db8 HTTP - ok
          14:58:06.0658 0x0db8 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
          14:58:06.0658 0x0db8 hwpolicy - ok
          14:58:06.0668 0x0db8 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys
          14:58:06.0673 0x0db8 hyperkbd - ok
          14:58:06.0673 0x0db8 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys
          14:58:06.0673 0x0db8 HyperVideo - ok
          14:58:06.0678 0x0db8 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\windows\System32\drivers\i8042prt.sys
          14:58:06.0678 0x0db8 i8042prt - ok
          14:58:06.0688 0x0db8 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
          14:58:06.0693 0x0db8 iaStorV - ok
          14:58:06.0728 0x0db8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
          14:58:06.0733 0x0db8 IDriverT - ok
          14:58:06.0893 0x0db8 [ 87B67C33144BE5A68D20D9BE4D528E43, 7F8F0CF99541DD721ACAB8A709B6BA2418B2F79532BF252859012E43D83A3F5B ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
          14:58:06.0993 0x0db8 igfx - ok
          14:58:07.0003 0x0db8 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\windows\system32\drivers\iirsp.sys
          14:58:07.0003 0x0db8 iirsp - ok
          14:58:07.0038 0x0db8 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\windows\System32\ikeext.dll
          14:58:07.0053 0x0db8 IKEEXT - ok
          14:58:07.0138 0x0db8 [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
          14:58:07.0183 0x0db8 IntcAzAudAddService - ok
          14:58:07.0213 0x0db8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
          14:58:07.0218 0x0db8 IntcDAud - ok
          14:58:07.0258 0x0db8 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
          14:58:07.0268 0x0db8 Intel(R) Capability Licensing Service Interface - ok
          14:58:07.0268 0x0db8 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\windows\system32\drivers\intelide.sys
          14:58:07.0268 0x0db8 intelide - ok
          14:58:07.0283 0x0db8 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\windows\System32\drivers\intelppm.sys
          14:58:07.0283 0x0db8 intelppm - ok
          14:58:07.0288 0x0db8 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
          14:58:07.0288 0x0db8 IpFilterDriver - ok
          14:58:07.0318 0x0db8 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\windows\System32\iphlpsvc.dll
          14:58:07.0328 0x0db8 iphlpsvc - ok
          14:58:07.0333 0x0db8 [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys
          14:58:07.0333 0x0db8 IPMIDRV - ok
          14:58:07.0338 0x0db8 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\windows\system32\drivers\ipnat.sys
          14:58:07.0338 0x0db8 IPNAT - ok
          14:58:07.0368 0x0db8 [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
          14:58:07.0378 0x0db8 iPod Service - ok
          14:58:07.0388 0x0db8 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\windows\system32\drivers\irenum.sys
          14:58:07.0388 0x0db8 IRENUM - ok
          14:58:07.0393 0x0db8 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\windows\system32\drivers\isapnp.sys
          14:58:07.0393 0x0db8 isapnp - ok
          14:58:07.0418 0x0db8 [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys
          14:58:07.0418 0x0db8 iScsiPrt - ok
          14:58:07.0463 0x0db8 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
          14:58:07.0463 0x0db8 jhi_service - ok
          14:58:07.0473 0x0db8 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\windows\System32\drivers\kbdclass.sys
          14:58:07.0478 0x0db8 kbdclass - ok
          14:58:07.0483 0x0db8 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\windows\System32\drivers\kbdhid.sys
          14:58:07.0483 0x0db8 kbdhid - ok
          14:58:07.0493 0x0db8 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\windows\system32\DRIVERS\kdnic.sys
          14:58:07.0493 0x0db8 kdnic - ok
          14:58:07.0503 0x0db8 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\windows\system32\lsass.exe
          14:58:07.0503 0x0db8 KeyIso - ok
          14:58:07.0518 0x0db8 [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
          14:58:07.0518 0x0db8 KSecDD - ok


          • #6
            14:58:09.0586 0x0db8 pciide - ok
            14:58:09.0596 0x0db8 [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
            14:58:09.0601 0x0db8 pcmcia - ok
            14:58:09.0606 0x0db8 [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\windows\system32\drivers\pcw.sys
            14:58:09.0606 0x0db8 pcw - ok
            14:58:09.0631 0x0db8 [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\windows\system32\drivers\pdc.sys
            14:58:09.0631 0x0db8 pdc - ok
            14:58:09.0671 0x0db8 [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\windows\system32\drivers\peauth.sys
            14:58:09.0681 0x0db8 PEAUTH - ok
            14:58:09.0736 0x0db8 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\windows\SysWow64\perfhost.exe
            14:58:09.0736 0x0db8 PerfHost - ok
            14:58:09.0776 0x0db8 [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\windows\system32\pla.dll
            14:58:09.0796 0x0db8 pla - ok

            • #7
              14:58:12.0902 0x0db8 vmbus - ok
              14:58:12.0902 0x0db8 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys
              14:58:12.0902 0x0db8 VMBusHID - ok
              14:58:12.0922 0x0db8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\windows\System32\ICSvc.dll
              14:58:12.0927 0x0db8 vmicheartbeat - ok
              14:58:12.0932 0x0db8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
              14:58:12.0937 0x0db8 vmickvpexchange - ok
              14:58:12.0957 0x0db8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\windows\System32\ICSvc.dll
              14:58:12.0962 0x0db8 vmicrdv - ok
              14:58:12.0967 0x0db8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\windows\System32\ICSvc.dll
              14:58:12.0972 0x0db8 vmicshutdown - ok
              14:58:12.0977 0x0db8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\windows\System32\ICSvc.dll
              14:58:12.0982 0x0db8 vmictimesync - ok
              14:58:12.0987 0x0db8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\windows\System32\ICSvc.dll
              14:58:12.0992 0x0db8 vmicvss - ok
              14:58:12.0997 0x0db8 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\windows\system32\drivers\volmgr.sys
              14:58:12.0997 0x0db8 volmgr - ok
              14:58:13.0007 0x0db8 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
              14:58:13.0012 0x0db8 volmgrx - ok
              14:58:13.0037 0x0db8 [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\windows\system32\drivers\volsnap.sys
              14:58:13.0042 0x0db8 volsnap - ok
              14:58:13.0042 0x0db8 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\windows\System32\drivers\vpci.sys
              14:58:13.0042 0x0db8 vpci - ok
              14:58:13.0057 0x0db8 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\windows\system32\drivers\vsmraid.sys
              14:58:13.0062 0x0db8 vsmraid - ok
              14:58:13.0137 0x0db8 [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\windows\system32\vssvc.exe
              14:58:13.0152 0x0db8 VSS - ok
              14:58:13.0162 0x0db8 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys
              14:58:13.0167 0x0db8 VSTXRAID - ok
              14:58:13.0177 0x0db8 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
              14:58:13.0177 0x0db8 vwifibus - ok
              14:58:13.0182 0x0db8 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
              14:58:13.0182 0x0db8 vwififlt - ok
              14:58:13.0187 0x0db8 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
              14:58:13.0187 0x0db8 vwifimp - ok
              14:58:13.0202 0x0db8 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\windows\system32\w32time.dll
              14:58:13.0207 0x0db8 W32Time - ok
              14:58:13.0212 0x0db8 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\windows\System32\drivers\wacompen.sys
              14:58:13.0212 0x0db8 WacomPen - ok
              14:58:13.0232 0x0db8 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
              14:58:13.0232 0x0db8 Wanarp - ok
              14:58:13.0237 0x0db8 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
              14:58:13.0237 0x0db8 Wanarpv6 - ok
              14:58:13.0272 0x0db8 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\windows\system32\wbengine.exe
              14:58:13.0292 0x0db8 wbengine - ok
              14:58:13.0312 0x0db8 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\windows\System32\wbiosrvc.dll
              14:58:13.0317 0x0db8 WbioSrvc - ok
              14:58:13.0327 0x0db8 [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\windows\System32\wcmsvc.dll
              14:58:13.0332 0x0db8 Wcmsvc - ok
              14:58:13.0357 0x0db8 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\windows\System32\wcncsvc.dll
              14:58:13.0362 0x0db8 wcncsvc - ok
              14:58:13.0372 0x0db8 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
              14:58:13.0377 0x0db8 WcsPlugInService - ok
              14:58:13.0377 0x0db8 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\windows\system32\drivers\wd.sys
              14:58:13.0377 0x0db8 Wd - ok
              14:58:13.0402 0x0db8 [ 07D19A55CD27B330534D2DDEA60D5FC6, 9C9441EA6943481838F61FD929F88FE25DC60BB8513A2C01CB4712918A883E3F ] WdBoot C:\windows\system32\drivers\WdBoot.sys
              14:58:13.0402 0x0db8 WdBoot - ok
              14:58:13.0437 0x0db8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
              14:58:13.0442 0x0db8 Wdf01000 - ok
              14:58:13.0472 0x0db8 [ CEBD9CDAADA11FAECCA82E4C06BCDD8E, 6D6E4BF0EB97004F9C07327923C9BD2B451FDDA567FAF39556595302EE5A1A54 ] WdFilter C:\windows\system32\drivers\WdFilter.sys
              14:58:13.0472 0x0db8 WdFilter - ok
              14:58:13.0477 0x0db8 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\windows\system32\wdi.dll
              14:58:13.0477 0x0db8 WdiServiceHost - ok
              14:58:13.0482 0x0db8 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\windows\system32\wdi.dll
              14:58:13.0487 0x0db8 WdiSystemHost - ok
              14:58:13.0502 0x0db8 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\windows\System32\webclnt.dll
              14:58:13.0507 0x0db8 WebClient - ok
              14:58:13.0517 0x0db8 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\windows\system32\wecsvc.dll
              14:58:13.0517 0x0db8 Wecsvc - ok
              14:58:13.0532 0x0db8 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\windows\System32\wercplsupport.dll
              14:58:13.0537 0x0db8 wercplsupport - ok
              14:58:13.0557 0x0db8 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\windows\System32\WerSvc.dll
              14:58:13.0557 0x0db8 WerSvc - ok
              14:58:13.0577 0x0db8 [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\windows\system32\DRIVERS\wfplwfs.sys
              14:58:13.0582 0x0db8 WFPLWFS - ok
              14:58:13.0592 0x0db8 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\windows\System32\wiarpc.dll
              14:58:13.0592 0x0db8 WiaRpc - ok
              14:58:13.0607 0x0db8 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\windows\system32\drivers\wimmount.sys
              14:58:13.0607 0x0db8 WIMMount - ok
              14:58:13.0622 0x0db8 WinDefend - ok
              14:58:13.0647 0x0db8 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
              14:58:13.0652 0x0db8 WinHttpAutoProxySvc - ok
              14:58:13.0702 0x0db8 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
              14:58:13.0707 0x0db8 Winmgmt - ok
              14:58:13.0772 0x0db8 [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\windows\system32\WsmSvc.dll
              14:58:13.0802 0x0db8 WinRM - ok
              14:58:13.0827 0x0db8 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
              14:58:13.0832 0x0db8 WinUsb - ok
              14:58:13.0862 0x0db8 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\windows\System32\wlansvc.dll
              14:58:13.0877 0x0db8 WlanSvc - ok
              14:58:13.0922 0x0db8 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\windows\system32\wlidsvc.dll
              14:58:13.0942 0x0db8 wlidsvc - ok
              14:58:13.0957 0x0db8 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\windows\System32\drivers\wmiacpi.sys
              14:58:13.0957 0x0db8 WmiAcpi - ok
              14:58:13.0967 0x0db8 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
              14:58:13.0972 0x0db8 wmiApSrv - ok
              14:58:13.0977 0x0db8 WMPNetworkSvc - ok
              14:58:13.0982 0x0db8 [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\windows\system32\DRIVERS\wpcfltr.sys
              14:58:13.0982 0x0db8 wpcfltr - ok
              14:58:13.0987 0x0db8 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\windows\System32\wpcsvc.dll
              14:58:13.0992 0x0db8 WPCSvc - ok
              14:58:14.0017 0x0db8 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
              14:58:14.0017 0x0db8 WPDBusEnum - ok
              14:58:14.0032 0x0db8 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\windows\system32\drivers\WpdUpFltr.sys
              14:58:14.0032 0x0db8 WpdUpFltr - ok
              14:58:14.0057 0x0db8 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
              14:58:14.0057 0x0db8 ws2ifsl - ok
              14:58:14.0077 0x0db8 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\windows\System32\wscsvc.dll
              14:58:14.0082 0x0db8 wscsvc - ok
              14:58:14.0082 0x0db8 WSearch - ok
              14:58:14.0142 0x0db8 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\windows\System32\WSService.dll
              14:58:14.0167 0x0db8 WSService - ok
              14:58:14.0242 0x0db8 [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\windows\system32\wuaueng.dll
              14:58:14.0277 0x0db8 wuauserv - ok
              14:58:14.0287 0x0db8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
              14:58:14.0292 0x0db8 WudfPf - ok
              14:58:14.0302 0x0db8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\System32\drivers\WUDFRd.sys
              14:58:14.0307 0x0db8 WUDFRd - ok
              14:58:14.0312 0x0db8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP C:\windows\system32\DRIVERS\WUDFRd.sys
              14:58:14.0312 0x0db8 WUDFSensorLP - ok
              14:58:14.0322 0x0db8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
              14:58:14.0327 0x0db8 wudfsvc - ok
              14:58:14.0337 0x0db8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys
              14:58:14.0337 0x0db8 WUDFWpdFs - ok
              14:58:14.0342 0x0db8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\windows\system32\DRIVERS\WUDFRd.sys
              14:58:14.0347 0x0db8 WUDFWpdMtp - ok
              14:58:14.0377 0x0db8 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\windows\System32\wwansvc.dll
              14:58:14.0382 0x0db8 WwanSvc - ok
              14:58:14.0407 0x0db8 [ 67BB3DC074C640AD609B19E0BBA42BDC, 452CCC94F361A9BE5C032DEA16742B788AF1BA44277E9C8B27A259347C0AB358 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
              14:58:14.0412 0x0db8 ZAtheros Wlan Agent - ok
              14:58:14.0432 0x0db8 [ BD137446D3AACA2315E00446E8D24AAC, C8027A984F904DF392830B06A63476C44C90DE0ACCE5793A77E4D62129445D77 ] {01531192-f7ef-415f-a549-cfdb11836731}w64 C:\windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
              14:58:14.0437 0x0db8 {01531192-f7ef-415f-a549-cfdb11836731}w64 - ok
              14:58:14.0437 0x0db8 ================ Scan global ===============================
              14:58:14.0467 0x0db8 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
              14:58:14.0487 0x0db8 [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
              14:58:14.0502 0x0db8 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
              14:58:14.0522 0x0db8 [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
              14:58:14.0527 0x0db8 [ Global ] - ok
              14:58:14.0527 0x0db8 ================ Scan MBR ==================================
              14:58:14.0552 0x0db8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
              14:58:14.0562 0x0db8 \Device\Harddisk0\DR0 - ok
              14:58:14.0562 0x0db8 ================ Scan VBR ==================================
              14:58:14.0567 0x0db8 [ BBE96A7F357B8F8D3F8384937D05F8FA ] \Device\Harddisk0\DR0\Partition1
              14:58:14.0622 0x0db8 \Device\Harddisk0\DR0\Partition1 - ok
              14:58:14.0627 0x0db8 [ 20E684C23BF82F1D6096C92D4E4673A5 ] \Device\Harddisk0\DR0\Partition2
              14:58:14.0687 0x0db8 \Device\Harddisk0\DR0\Partition2 - ok
              14:58:14.0697 0x0db8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
              14:58:14.0697 0x0db8 \Device\Harddisk0\DR0\Partition3 - ok
              14:58:14.0702 0x0db8 [ F1CDDBF6BC7BE95337E254387F2CD933 ] \Device\Harddisk0\DR0\Partition4
              14:58:14.0767 0x0db8 \Device\Harddisk0\DR0\Partition4 - ok
              14:58:14.0772 0x0db8 [ EED049AFA88C0D43C8F4E20251EB1651 ] \Device\Harddisk0\DR0\Partition5
              14:58:14.0827 0x0db8 \Device\Harddisk0\DR0\Partition5 - ok
              14:58:14.0857 0x0db8 [ 6BBB3C1255276E896174584C9817AB42 ] \Device\Harddisk0\DR0\Partition6
              14:58:14.0857 0x0db8 \Device\Harddisk0\DR0\Partition6 - ok
              14:58:14.0867 0x0db8 [ 43B0339503B8F3083044E77ECD82A5C4 ] \Device\Harddisk0\DR0\Partition7
              14:58:14.0867 0x0db8 \Device\Harddisk0\DR0\Partition7 - ok
              14:58:14.0867 0x0db8 Waiting for KSN requests completion. In queue: 335
              14:58:15.0872 0x0db8 Waiting for KSN requests completion. In queue: 335
              14:58:16.0872 0x0db8 Waiting for KSN requests completion. In queue: 26
              14:58:17.0887 0x0db8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x61100 ( enabled : updated )
              14:58:17.0892 0x0db8 Win FW state via NFP2: enabled
              14:58:20.0263 0x0db8 ============================================================
              14:58:20.0263 0x0db8 Scan finished
              14:58:20.0263 0x0db8 ============================================================
              14:58:20.0263 0x122c Detected object count: 0
              14:58:20.0263 0x122c Actual detected object count: 0



              • #8
                Good.

                Download Combofix to your desktop.
                (So not to a download folder or temp folder.)

                Extra note... Make sure your security software is disabled while you use Combofix.
                This is because these scanners wrongly regard certain components that Combofix uses as infected and will block Combofix.

                Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

                Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                So do not open any other applications until Combofix has presented the log.

                If Combofix asks for an update, allow it.

                When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                You can find it at C:\combofix.txt.

                Post the Combofix log together with a new DDS log in your next reply.

                * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                • Illegal operation attempted on a registry key that has been marked for deletion.


                • #9
                  Hi Emphyrio,

                  I ran Combofix. Below are the log and a new DDS:

                  Combofix:
                  ComboFix 14-05-07.03 - Jan 07-05-2014 16:48:21.1.8 - x64
                  Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.8079.6344 [GMT 2:00]
                  Gestart vanuit: c:\users\Jan\Desktop\ComboFix.exe
                  AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  * Nieuw herstelpunt werd aangemaakt
                  .
                  .
                  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  c:\programdata\PCDr\6426\AddOnDownloaded\c6bf01ba-05a7-4930-b8dd-7c5fd03e97ac.dll
                  c:\windows\SysWow64\SPCC1011.ocx
                  .
                  .
                  (((((((((((((((((((( Bestanden Gemaakt van 2014-04-07 to 2014-05-07 ))))))))))))))))))))))))))))))
                  .
                  .
                  2014-05-07 12:45 . 2014-05-07 12:45 -------- d-----w- c:\program files\CCleaner
                  2014-05-07 12:18 . 2014-05-07 12:19 -------- d-----w- C:\AdwCleaner
                  2014-05-07 07:01 . 2014-05-07 12:13 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                  2014-05-07 07:00 . 2014-05-07 07:01 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
                  2014-05-07 07:00 . 2014-05-07 07:00 -------- d-----w- c:\programdata\Malwarebytes
                  2014-05-07 07:00 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
                  2014-05-07 07:00 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                  2014-05-07 07:00 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
                  2014-05-07 05:54 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B46B8A95-BF92-49DA-AB38-8A2960374DD8}\mpengine.dll
                  2014-05-02 06:00 . 2014-04-29 14:14 19275264 ----a-w- c:\windows\system32\mshtml.dll
                  2014-05-02 06:00 . 2014-04-29 12:36 2706432 ----a-w- c:\windows\system32\mshtml.tlb
                  2014-05-02 06:00 . 2014-04-29 12:25 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
                  2014-05-01 18:49 . 2014-04-24 10:22 61120 ----a-w- c:\windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
                  2014-04-27 16:01 . 2014-04-27 16:01 -------- d-----w- C:\Recovery
                  2014-04-27 07:07 . 2014-04-14 18:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                  2014-04-24 19:38 . 2014-04-19 09:39 628024 ----a-w- c:\windows\system32\NotificationUI.exe
                  2014-04-24 19:38 . 2014-04-19 08:45 693760 ----a-w- c:\windows\system32\WSShared.dll
                  2014-04-24 19:38 . 2014-04-19 08:45 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
                  2014-04-24 19:38 . 2014-04-19 06:57 566784 ----a-w- c:\windows\SysWow64\WSShared.dll
                  2014-04-24 19:38 . 2014-04-19 06:57 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
                  2014-04-23 07:47 . 2014-04-23 07:47 217776 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10237.bin
                  2014-04-11 23:43 . 2014-03-07 00:47 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
                  2014-04-11 23:43 . 2014-03-07 00:08 3959808 ----a-w- c:\windows\system32\jscript9.dll
                  2014-04-11 23:43 . 2014-03-07 00:08 2648576 ----a-w- c:\windows\system32\iertutil.dll
                  2014-04-11 23:43 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
                  2014-04-09 12:36 . 2014-02-05 23:41 978432 ----a-w- c:\windows\system32\KernelBase.dll
                  2014-04-09 12:36 . 2014-02-05 23:41 1257984 ----a-w- c:\windows\system32\kernel32.dll
                  2014-04-09 12:36 . 2014-02-05 23:26 666112 ----a-w- c:\windows\SysWow64\KernelBase.dll
                  2014-04-08 16:40 . 2014-04-08 16:40 61120 ----a-w- c:\windows\system32\drivers\wStLibG64.sys
                  2014-04-08 15:22 . 2014-04-27 07:29 -------- d-----w- c:\programdata\Oracle
                  2014-04-08 15:22 . 2014-04-08 15:22 -------- d-----w- c:\program files (x86)\Common Files\Java
                  2014-04-08 15:22 . 2014-04-27 07:07 -------- d-----w- c:\program files (x86)\Java
                  2014-04-08 15:19 . 2014-04-12 16:37 -------- d-----w- c:\users\Jan\AppData\Roaming\.minecraft
                  2014-04-08 15:16 . 2014-04-08 15:16 -------- d-----w- c:\users\Jan\AppData\Local\EuroTrade_A.L._Ltd
                  2014-04-08 15:11 . 2014-04-08 15:12 -------- d-----w- c:\program files (x86)\Minecraft
                  2014-04-08 15:11 . 2014-04-08 15:11 -------- d-----w- c:\program files (x86)\Privacy DR
                  2014-04-08 15:11 . 2014-04-08 15:11 -------- d-----w- c:\users\Jan\AppData\Roaming\EuroTrade A.L. Ltd
                  .
                  .
                  .
                  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2014-04-22 23:47 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                  2014-04-22 23:47 . 2012-07-26 08:14 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                  2014-04-10 15:00 . 2013-11-11 06:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
                  2014-04-10 01:00 . 2013-02-21 02:05 90655440 ----a-w- c:\windows\system32\MRT.exe
                  2014-02-08 04:34 . 2014-03-14 18:14 4036608 ----a-w- c:\windows\system32\win32k.sys
                  .
                  .
                  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                  REGEDIT4
                  .
                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                  "CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
                  "CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-04 491120]
                  "RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-06-01 143888]
                  "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
                  "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
                  "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
                  .
                  c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
                  HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]
                  .
                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                  "ConsentPromptBehaviorAdmin"= 5 (0x5)
                  "EnableUIADesktopToggle"= 0 (0x0)
                  "EnableCursorSuppression"= 1 (0x1)
                  "ConsentPromptBehaviorUser"= 3 (0x3)
                  .
                  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                  "LoadAppInit_DLLs"=1 (0x1)
                  "AppInit_DLLs"=c:\progra~2\NVIDIA~1\3DVISI~1\nvStInit.dll
                  .
                  R2 DellDigitalDelivery;Alienware Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
                  R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                  R3 DellRbtn;Airplane Mode Switch;c:\windows\System32\drivers\DellRbtn.sys;c:\windows\SYSNATIVE\drivers\DellRbtn.sys [x]
                  R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\System32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
                  R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                  R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
                  S1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64;c:\windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys;c:\windows\SYSNATIVE\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [x]
                  S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
                  S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
                  S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x]
                  S2 AlienFXWindowsService;AlienFXWindowsService;c:\program files\Alienware\Command Center\AlienFXWindowsService.exe;c:\program files\Alienware\Command Center\AlienFXWindowsService.exe [x]
                  S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
                  S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
                  S2 MSI_ODD_Service;MSI_ODD_Service;c:\program files (x86)\msi\ODD Monitor\ODD_Monitor.exe;c:\program files (x86)\msi\ODD Monitor\ODD_Monitor.exe [x]
                  S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\SftService.exe;c:\program files (x86)\AlienRespawn\SftService.exe [x]
                  S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
                  S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
                  S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                  S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
                  S3 CompFilter64;UVCCompositeFilter;c:\windows\System32\drivers\lvbflt64.sys;c:\windows\SYSNATIVE\drivers\lvbflt64.sys [x]
                  S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                  S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
                  S3 LVUVC64;@oem153.inf,%PID_0826_DD%(UVC);Logitech HD Webcam C525(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
                  S3 NTIOLib_X64;NTIOLib_X64;c:\program files (x86)\msi\ODD Monitor\NTIOLib_X64.sys;c:\program files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [x]
                  S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
                  .
                  .
                  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
                  hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
                  .
                  .
                  --------- X64 Entries -----------
                  .
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
                  "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-14 1212560]
                  "Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2012-07-25 12656]
                  "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-05 171040]
                  "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-05 399392]
                  "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-05 441888]
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
                  "AppInit_DLLs"=c:\progra~2\NVIDIA~1\3DVISI~1\nvStInit64.dll
                  .
                  ------- Bijkomende Scan -------
                  .
                  uLocal Page = c:\windows\system32\blank.htm
                  uStart Page = https://www.google.nl/
                  mDefault_Search_URL = www.google.com
                  mDefault_Page_URL = www.google.com
                  mStart Page = www.google.com
                  mLocal Page = c:\windows\SysWOW64\blank.htm
                  mSearch Page = hxxp://www.google.com
                  uInternet Settings,ProxyOverride = *.local
                  TCP: DhcpNameServer = 192.168.10.1
                  .
                  - - - - ORPHANS VERWIJDERD - - - -
                  .
                  Toolbar-Locked - (no file)
                  Wow6432Node-HKLM-Run-<NO NAME> - (no file)
                  Toolbar-Locked - (no file)
                  .
                  .
                  .
                  --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                  .
                  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                  @Denied: (Full) (Everyone)
                  @SACL=(02 0000)
                  .
                  Voltooingstijd: 2014-05-07 16:52:54
                  ComboFix-quarantined-files.txt 2014-05-07 14:52
                  .
                  Pre-Run: 895.698.505.728 bytes free
                  Post-Run: 895.549.054.976 bytes free
                  .
                  - - End Of File - - 610F509F1A2E36D2FD67EAF9E8BFBAD0
                  5FB38429D5D77768867C76DCBDB35194

                  DDS:
                  DDS (Ver_2012-11-20.01) - NTFS_AMD64
                  Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.55.2
                  Run by Jan at 16:53:39 on 2014-05-07
                  Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.8079.6234 [GMT 2:00]
                  .
                  AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  .
                  ============== Running Processes ===============
                  .
                  C:\windows\system32\svchost.exe -k DcomLaunch
                  C:\Windows\system32\nvvsvc.exe
                  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
                  C:\windows\system32\svchost.exe -k RPCSS
                  C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                  C:\windows\system32\svchost.exe -k netsvcs
                  C:\windows\system32\svchost.exe -k LocalService
                  C:\windows\system32\dwm.exe
                  C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                  C:\windows\system32\svchost.exe -k NetworkService
                  C:\windows\System32\spoolsv.exe
                  C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
                  C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
                  C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
                  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                  C:\windows\system32\nvvsvc.exe
                  C:\Program Files\Bonjour\mDNSResponder.exe
                  C:\windows\system32\dashost.exe
                  C:\Program Files\Intel\iCLS Client\HeciServer.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                  c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
                  C:\windows\System32\svchost.exe -k HPZ12
                  C:\windows\System32\svchost.exe -k HPZ12
                  C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
                  C:\windows\system32\svchost.exe -k imgsvc
                  C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
                  C:\Program Files\Windows Defender\MsMpEng.exe
                  C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
                  C:\windows\system32\wbem\wmiprvse.exe
                  C:\windows\system32\svchost.exe -k HPService
                  C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                  C:\windows\System32\svchost.exe -k LocalServicePeerNet
                  C:\windows\system32\taskhostex.exe
                  c:\program files (x86)\teamviewer\version9\TeamViewer.exe
                  C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
                  C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
                  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                  C:\windows\system32\SearchIndexer.exe
                  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
                  C:\windows\System32\igfxpers.exe
                  C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
                  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
                  C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
                  C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
                  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
                  C:\Program Files (x86)\iTunes\iTunesHelper.exe
                  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
                  C:\Program Files\iPod\bin\iPodService.exe
                  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
                  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
                  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
                  C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
                  C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
                  C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
                  C:\Program Files\Alienware\Command Center\AlienFusionService.exe
                  C:\Program Files\Alienware\Command Center\AlienFusionController.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                  C:\Program Files (x86)\AlienRespawn\SftService.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                  C:\Program Files\Windows Media Player\wmpnetwk.exe
                  C:\Program Files (x86)\AlienRespawn\TOASTER.EXE
                  C:\windows\system32\wbem\wmiprvse.exe
                  C:\windows\System32\svchost.exe -k swprv
                  C:\Program Files\Windows Defender\MpCmdRun.exe
                  c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe
                  C:\windows\system32\SearchProtocolHost.exe
                  C:\windows\system32\SearchFilterHost.exe
                  C:\windows\explorer.exe
                  C:\windows\System32\cscript.exe
                  .
                  ============== Pseudo HJT Report ===============
                  .
                  uStart Page = hxxps://www.google.nl/
                  mStart Page = www.google.com
                  mSearch Page = hxxp://www.google.com
                  mDefault_Page_URL = www.google.com
                  mDefault_Search_URL = www.google.com
                  BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                  BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                  uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
                  mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
                  mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
                  mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
                  mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
                  mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                  mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                  StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
                  uPolicies-Explorer: NoDrives = dword:0
                  mPolicies-Explorer: NoDrives = dword:0
                  IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
                  TCP: NameServer = 192.168.10.1
                  TCP: Interfaces\{D9D92B5A-679B-4F9F-9F1F-877B50984D95} : DHCPNameServer = 192.168.10.1
                  TCP: Interfaces\{D9D92B5A-679B-4F9F-9F1F-877B50984D95}\44560235075656C626F6562746562796A6 : DHCPNameServer = 192.168.10.1
                  Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                  AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
                  SSODL: WebCheck - <orphaned>
                  x64-mStart Page = www.google.com
                  x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
                  x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
                  x64-Run: [Command Center Controllers] "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
                  x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
                  x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
                  x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
                  x64-mPolicies-Explorer: NoDrives = dword:0
                  x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                  x64-Notify: igfxcui - igfxdev.dll
                  x64-SSODL: WebCheck - <orphaned>
                  .
                  ============= SERVICES / DRIVERS ===============
                  .
                  R1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64;C:\windows\System32\Drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [2014-5-1 61120]
                  R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2013-2-8 92536]
                  R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-2-8 98208]
                  R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2012-7-25 14704]
                  R2 AlienFXWindowsService;AlienFXWindowsService;C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [2012-7-25 13168]
                  R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
                  R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-8 166720]
                  R2 MSI_ODD_Service;MSI_ODD_Service;C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe [2011-10-5 76800]
                  R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2013-2-8 1914728]
                  R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-7-31 382312]
                  R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-5-7 5024576]
                  R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-2-8 365376]
                  R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2013-2-8 77824]
                  R3 CompFilter64;UVCCompositeFilter;C:\windows\System32\Drivers\lvbflt64.sys [2012-10-26 26784]
                  R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2013-2-8 342528]
                  R3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\Drivers\lvrs64.sys [2012-10-26 351520]
                  R3 LVUVC64;@oem153.inf,%PID_0826_DD%(UVC);Logitech HD Webcam C525(UVC);C:\windows\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
                  R3 NTIOLib_X64;NTIOLib_X64;C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [2010-1-18 14136]
                  R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-2-8 683664]
                  S2 DellDigitalDelivery;Alienware Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-6-19 173056]
                  S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
                  S3 DellRbtn;Airplane Mode Switch;C:\windows\System32\Drivers\DellRbtn.sys [2013-2-8 10752]
                  S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\windows\System32\Drivers\nvstusb.sys [2013-2-8 445288]
                  S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2013-3-18 54784]
                  S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
                  .
                  =============== Created Last 30 ================
                  .
                  2014-05-07 14:53:01 -------- d-sh--w- C:\$RECYCLE.BIN
                  2014-05-07 14:52:56 -------- d-----w- C:\Users\Jan\AppData\Local\temp
                  2014-05-07 14:47:15 98816 ----a-w- C:\windows\sed.exe
                  2014-05-07 14:47:15 256000 ----a-w- C:\windows\PEV.exe
                  2014-05-07 14:47:15 208896 ----a-w- C:\windows\MBR.exe
                  2014-05-07 12:45:54 -------- d-----w- C:\Program Files\CCleaner
                  2014-05-07 12:18:59 -------- d-----w- C:\AdwCleaner
                  2014-05-07 07:01:09 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
                  2014-05-07 07:00:57 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
                  2014-05-07 07:00:57 63192 ----a-w- C:\windows\System32\drivers\mwac.sys
                  2014-05-07 07:00:57 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
                  2014-05-07 07:00:57 -------- d-----w- C:\ProgramData\Malwarebytes
                  2014-05-07 07:00:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
                  2014-05-07 05:54:22 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B46B8A95-BF92-49DA-AB38-8A2960374DD8}\mpengine.dll
                  2014-05-06 08:16:58 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
                  2014-05-02 06:00:36 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
                  2014-05-02 06:00:36 2706432 ----a-w- C:\windows\System32\mshtml.tlb
                  2014-05-01 18:49:36 61120 ----a-w- C:\windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
                  2014-04-27 16:01:06 -------- d-----w- C:\Recovery
                  2014-04-27 07:07:54 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
                  2014-04-24 19:38:34 693760 ----a-w- C:\windows\System32\WSShared.dll
                  2014-04-24 19:38:34 628024 ----a-w- C:\windows\System32\NotificationUI.exe
                  2014-04-24 19:38:33 566784 ----a-w- C:\windows\SysWow64\WSShared.dll
                  2014-04-24 19:38:33 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
                  2014-04-24 19:38:33 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
                  2014-04-23 07:47:38 217776 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10237.bin
                  2014-04-11 23:43:59 3959808 ----a-w- C:\windows\System32\jscript9.dll
                  2014-04-11 23:43:59 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
                  2014-04-11 23:43:56 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
                  2014-04-09 12:36:54 978432 ----a-w- C:\windows\System32\KernelBase.dll
                  2014-04-09 12:36:54 666112 ----a-w- C:\windows\SysWow64\KernelBase.dll
                  2014-04-08 16:40:23 61120 ----a-w- C:\windows\System32\drivers\wStLibG64.sys
                  2014-04-08 15:22:29 -------- d-----w- C:\ProgramData\Oracle
                  2014-04-08 15:19:21 -------- d-----w- C:\Users\Jan\AppData\Roaming\.minecraft
                  2014-04-08 15:16:44 -------- d-----w- C:\Users\Jan\AppData\Local\EuroTrade_A.L._Ltd
                  2014-04-08 15:11:51 -------- d-----w- C:\Program Files (x86)\Minecraft
                  2014-04-08 15:11:39 -------- d-----w- C:\Program Files (x86)\Privacy DR
                  2014-04-08 15:11:31 -------- d-----w- C:\Users\Jan\AppData\Roaming\EuroTrade A.L. Ltd
                  .
                  ==================== Find3M ====================
                  .
                  2014-04-22 23:47:16 78296 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
                  2014-04-22 23:47:16 694232 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
                  2014-03-07 00:48:11 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
                  2014-03-07 00:08:30 2240000 ----a-w- C:\windows\System32\wininet.dll
                  2014-03-07 00:08:27 915968 ----a-w- C:\windows\System32\uxtheme.dll
                  2014-02-08 04:34:42 4036608 ----a-w- C:\windows\System32\win32k.sys
                  .
                  ============= FINISH: 16:53:45,07 ===============



                  • #10
                    Well done.

                    How is it now?
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * Removing McAfee. * Ccleaner * E-Peek


                    • #11
                      Hi Emphyrio,

                      Everything seems to be running fine again now. I haven't seen a pop-up for a while.
                      Thanks so much for your help! I'll keep an eye on it for a little longer, but for now everything seems to be running well again!
                      Thanks again.


                      • #12
                        OK

                        We still need to remove ComboFix......


                        Go to Start > Run and copy and paste the following command into the field:

                        ComboFix /Uninstall

                        Make sure there is a space between Combofix and /
                        Then press Enter.


                        This will remove ComboFix and its related folders and files, restore the clock settings,
                        hide file extensions, hide hidden files and system files again,
                        and reset your System Restore.



                        Start CCleaner.
                        • Run CCleaner and click Options in the left column
                        • Select the Advanced tab
                        • Untick "Only delete files in Windows Temp folders older than 24 hours"
                        • Select the Settings tab
                        • Untick "Clean the computer automatically...."
                        • Click Cleaner in the left column.
                        • Then click Analyze and Run Cleaner, in that order.
                        • Then click Registry in the left column
                        • Click Scan for Issues.
                        • When asked whether you want to back up the registry, click "Yes".
                        • If errors are found, click the middle button, Fix All Selected Issues, and then OK



                        1) You may delete all the loose files and tools we used.

                        2) To avoid reinfection, you can read through these tips:

                        Preventing spyware infections and browser hijacking, and How do I prevent a new infection?

                        3) To give your PC a quick tune-up, you can read these tips: Guide to a clean PC

                        4) You can find all kinds of tips and hints here.


                        I'm marking the topic as solved.

                        If there are no further replies, this thread will automatically be moved to the
                        Solved HijackThis logs section within about 5 days, after which replying is no longer possible.
                        This is done to keep the forum tidy and well organized.

                        If it turns out there are still problems and you want to reply in this topic again, send me a private message asking for it to be reopened.



                        Did we help you well? Consider making a (no-obligation) donation to Nucia

                        Emphyrio


                        • #13
                          Hi Emphyrio,

                          Just as I post my reply I get another pop-up after all, unfortunately.
                          It concerns a so-called program 'PrivacyDr.'
                          So unfortunately the problem hasn't been completely solved yet...


                          • #14
                            Can I simply remove these programs via Control Panel --> Programs?
                            They do appear in that list.


                            • #15
                              Originally posted by Highfive0980
                              Can I simply remove these programs via Control Panel --> Programs?
                              They do appear in that list.
                              Remove ComboFix as instructed; you may remove the rest via Add/Remove Programs.
                              Originally posted by Highfive0980
                              Hi Emphyrio,

                              Just as I post my reply I get another pop-up after all, unfortunately.
                              It concerns a so-called program 'PrivacyDr.'
                              So unfortunately the problem hasn't been completely solved yet...
                              Do these steps with RIES to restore your IE settings.


                              Open a Notepad file.
                              Copy the text below into this Notepad file.

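                              @ECHO OFF
                              REM Start with a fresh log file
                              IF EXIST log.txt DEL log.txt
                              ECHO Deleting folders>>log.txt
                              REM Remove each listed folder and record the outcome in log.txt
                              FOR %%I in (
                              "c:\program files (x86)\Privacy DR"
                              ) DO (
                                IF EXIST %%I (
                                  RD /S /Q %%I
                                  IF EXIST %%I (
                                    ECHO %%I not deleted>>log.txt
                                  ) ELSE (
                                    ECHO %%I deleted>>log.txt
                                  )
                                ) ELSE (
                                  ECHO %%I not found>>log.txt
                                )
                              )
                              REM Show the result, then delete this batch file itself
                              START NOTEPAD.EXE log.txt
                              DEL %0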
                              Go to File - Save As.
                              For "Save in" choose: Desktop
                              For "File name" enter: del.bat
                              For "Save as type" select: All files.
                              Click the Save button.
                              Right-click del.bat and choose Run as administrator.
                              Post the contents of the log file that opens.
                              Last edited by Emphyrio; 07-05-14, 16:28.
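
Added example, not part of the original thread or written by any of its participants: a small Python parser for the "Created Last 30" section of the DDS log posted above, which lists everything created within ten minutes of the Privacy DR folder as candidates for manual review. The function names and the ten-minute window are assumptions made for this example; the sample lines are copied from the log in this thread.

```python
import re
from datetime import datetime, timedelta
from typing import List, NamedTuple, Optional

# Excerpt of the "Created Last 30" section of the DDS log posted in this thread.
DDS_EXCERPT = r"""
=============== Created Last 30 ================
.
2014-04-09 12:36:54 978432 ----a-w- C:\windows\System32\KernelBase.dll
2014-04-08 16:40:23 61120 ----a-w- C:\windows\System32\drivers\wStLibG64.sys
2014-04-08 15:22:29 -------- d-----w- C:\ProgramData\Oracle
2014-04-08 15:19:21 -------- d-----w- C:\Users\Jan\AppData\Roaming\.minecraft
2014-04-08 15:16:44 -------- d-----w- C:\Users\Jan\AppData\Local\EuroTrade_A.L._Ltd
2014-04-08 15:11:51 -------- d-----w- C:\Program Files (x86)\Minecraft
2014-04-08 15:11:39 -------- d-----w- C:\Program Files (x86)\Privacy DR
2014-04-08 15:11:31 -------- d-----w- C:\Users\Jan\AppData\Roaming\EuroTrade A.L. Ltd
.
"""

# One entry: timestamp, size (eight dashes for a directory), attributes, path.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+"
    r"(?P<size>\d+|-{8})\s+"
    r"(?P<attrs>[a-z-]{8})\s+"
    r"(?P<path>.+)$"
)


class Entry(NamedTuple):
    created: datetime
    size: Optional[int]  # None for directories
    attrs: str
    path: str


def parse_created(text: str) -> List[Entry]:
    """Parse DDS 'Created Last 30' lines; skip headers and '.' separators."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        size = None if m["size"].startswith("-") else int(m["size"])
        created = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        entries.append(Entry(created, size, m["attrs"], m["path"].strip()))
    return entries


def created_near(entries: List[Entry], needle: str,
                 window: timedelta = timedelta(minutes=10)) -> List[Entry]:
    """Return entries created within `window` of any path containing `needle`.

    The result is a review list, not a verdict: legitimate software
    installed in the same session shows up here as well.
    """
    anchors = [e for e in entries if needle.lower() in e.path.lower()]
    hits = [
        e for e in entries
        if e not in anchors
        and any(abs(e.created - a.created) <= window for a in anchors)
    ]
    return sorted(hits, key=lambda e: e.created)


if __name__ == "__main__":
    for entry in created_near(parse_created(DDS_EXCERPT), "Privacy DR"):
        kind = "dir " if entry.size is None else "file"
        print(entry.created, kind, entry.path)
```

Anything the list surfaces still has to be checked by hand before it is added to a removal script such as del.bat.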