
Haringvliet

Member
  • Items: 17
Everything posted by Haringvliet

  1. I tried, but it really has to be taken completely apart to clean it. http://speccy.piriform.com/results/uZBdqeZtvZqG7lwWrcJ2qWO I really want to thank you all for the help; it is already running quite a bit better. Thanks a lot.
  2. The disk check did indeed repair a number of files. The laptop also boots faster. Once again, many thanks for your help.
  3. I also ran the removal tool, but unfortunately no result. I also still have the link to Speccy: http://speccy.piriform.com/results/u6R7oFBR3dpMQ0CLluryV2O Is the conclusion still: no virus or adware? What boot time would be realistic for these specifications?
  4. I updated Malwarebytes and this is the log. The items found are in quarantine. I still have to run the removal tool.

     Malwarebytes Anti-Malware
     Malwarebytes | Free Anti-Malware & Internet Security Software

     Scandatum: 29-9-2014
     Scantijd: 22:27:57
     Logbestand:
     Beheerder: Ja

     Versie: 2.00.2.1012
     Malwaredatabase: v2014.09.29.11
     Rootkitdatabase: v2014.09.19.01
     Licentie: Premium
     Malwarebescherming: Ingeschakeld
     Kwaadaardige Website Bescherming: Ingeschakeld
     Self-protection: Uitgeschakeld

     Besturingssysteem: Windows Vista Service Pack 2
     Processor: x86
     Bestandssysteem: NTFS
     Gebruiker: Maarten

     Scantype: Aangepaste Scan
     Resultaat: Voltooid
     Objecten Gescand: 547231
     Verstreken Tijd: 4 u, 12 m, 18 s

     Geheugen: Uitgeschakeld
     Opstarten: Uitgeschakeld
     Bestandssysteem: Ingeschakeld
     Archieven: Uitgeschakeld
     Rootkits: Ingeschakeld
     Diepgewortelde-Rootkit Scan: Ingeschakeld
     Heuristics: Ingeschakeld
     POP: Ingeschakeld
     POA: Ingeschakeld

     Processen: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registersleutels: 1
     PUP.Optional.Complitly.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\defdhglnppeioeflggkmglipcecffkhk, In Quarantaine, [4243579890eb9f97dc7a8eeb6f9504fc],

     Registerwaardes: 0
     (No malicious items detected)

     Registerdata: 0
     (No malicious items detected)

     Mappen: 0
     (No malicious items detected)

     Bestanden: 2
     PUP.Optional.MindSpark.A, C:\AdwCleaner\Quarantine\C\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8EXTPEX.DLL.vir, In Quarantaine, [5f26c926710af046bf1165e7718f738d],
     PUP.Optional.MindSpark.A, C:\AdwCleaner\Quarantine\C\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL.vir, In Quarantaine, [e4a15e91225982b42d81be8201040df3],

     Fysieke Sectoren: 0
     (No malicious items detected)

     (end)
  5. I have the Pro version of Malwarebytes running, but could not find that rootkit scan. So I ran Malwarebytes Anti-Rootkit beta instead, but no result.
  6. TDSSKiller found something:
B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:56:31.0162 0x09e4 kbdclass - ok 18:56:31.0182 0x09e4 [ ED61DBC6603F612B7338283EDBACBC4B, E43F2AEC4F0462BCD74B68682A3E8E6C3B3C24F043CC1603BBA200416581E080 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:56:31.0270 0x09e4 kbdhid - ok 18:56:31.0333 0x09e4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe 18:56:31.0403 0x09e4 KeyIso - ok 18:56:31.0524 0x09e4 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:56:31.0564 0x09e4 KSecDD - ok 18:56:31.0666 0x09e4 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll 18:56:31.0745 0x09e4 KtmRm - ok 18:56:31.0828 0x09e4 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll 18:56:31.0900 0x09e4 LanmanServer - ok 18:56:31.0984 0x09e4 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:56:32.0034 0x09e4 LanmanWorkstation - ok 18:56:32.0121 0x09e4 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:56:32.0177 0x09e4 lltdio - ok 18:56:32.0305 0x09e4 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:56:32.0395 0x09e4 lltdsvc - ok 18:56:32.0458 0x09e4 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:56:32.0546 0x09e4 lmhosts - ok 18:56:32.0593 0x09e4 [ 
A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:56:32.0611 0x09e4 LSI_FC - ok 18:56:32.0651 0x09e4 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:56:32.0687 0x09e4 LSI_SAS - ok 18:56:32.0742 0x09e4 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:56:32.0758 0x09e4 LSI_SCSI - ok 18:56:32.0811 0x09e4 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys 18:56:32.0875 0x09e4 luafv - ok 18:56:32.0999 0x09e4 [ A3E700D78EEC390F1208098CDCA5C6B6, 37D92D4AF24C43B4C468974CBBD55B6DF3AB92780560285039A0B078E566985A ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys 18:56:33.0017 0x09e4 MarvinBus - detected UnsignedFile.Multi.Generic ( 1 ) 18:56:33.0184 0x09e4 Detect skipped due to KSN trusted 18:56:33.0184 0x09e4 MarvinBus - ok 18:56:33.0256 0x09e4 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 18:56:33.0273 0x09e4 MBAMProtector - ok 18:56:33.0528 0x09e4 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 18:56:33.0567 0x09e4 MBAMScheduler - ok 18:56:33.0694 0x09e4 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 18:56:33.0780 0x09e4 MBAMService - ok 18:56:33.0898 0x09e4 [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys 
18:56:33.0935 0x09e4 mcdbus - detected UnsignedFile.Multi.Generic ( 1 ) 18:56:34.0033 0x09e4 Detect skipped due to KSN trusted 18:56:34.0033 0x09e4 mcdbus - ok 18:56:34.0109 0x09e4 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:56:34.0170 0x09e4 Mcx2Svc - ok 18:56:34.0314 0x09e4 [ 4468FBDCA9563B50F6234766044BD70D, BF899813613865EF24C4B6749DFB5DDE90ED5B16E184D0093500C42387CD1377 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe 18:56:34.0375 0x09e4 MDM - detected UnsignedFile.Multi.Generic ( 1 ) 18:56:34.0560 0x09e4 MDM ( UnsignedFile.Multi.Generic ) - warning 18:56:34.0705 0x09e4 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 18:56:34.0740 0x09e4 mdmxsdk - ok 18:56:34.0844 0x09e4 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys 18:56:34.0873 0x09e4 megasas - ok 18:56:34.0950 0x09e4 [ BAFDD5E28BAEA99D7F4772AF2F5EC7EE, 11AF8935DE8309A2F8653CE0B602464D1F470A25675B160B9D95647345325475 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 18:56:34.0966 0x09e4 mfeavfk - ok 18:56:35.0027 0x09e4 [ 1D003E3056A43D881597D6763E83B943, 388C3A78BA36957465B853E2B53E1ADD2E2472D9296C92757A8AE0C08C9EF665 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys 18:56:35.0041 0x09e4 mfebopk - ok 18:56:35.0114 0x09e4 [ 3F138A1C8A0659F329F242D1E389B2CF, 49A0E7673A81A8715A33EE18422FDCB8A0D049A1B1CBA38167ACF9A24254E3CC ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 18:56:35.0141 0x09e4 mfehidk - ok 18:56:35.0185 0x09e4 [ 41FE2F288E05A6C8AB85DD56770FFBAD, 75AB2C2882DEDB85DFCB313C0F469723AD252CA8D0D4C73D5CA72D7DDCA1B0E7 ] mferkdk C:\Windows\system32\drivers\mferkdk.sys 18:56:35.0199 0x09e4 mferkdk - ok 18:56:35.0267 0x09e4 [ 096B52EA918AA909BA5903D79E129005, 
A34B7E5DA4053B0C9A01EEAA1538B2950287DD56BC602D2E35365ABA6E7AA4DC ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys 18:56:35.0310 0x09e4 mfesmfk - ok 18:56:35.0556 0x09e4 Microsoft SharePoint Workspace Audit Service - ok 18:56:35.0607 0x09e4 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll 18:56:35.0664 0x09e4 MMCSS - ok 18:56:35.0726 0x09e4 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys 18:56:35.0793 0x09e4 Modem - ok 18:56:35.0848 0x09e4 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:56:35.0903 0x09e4 monitor - ok 18:56:35.0936 0x09e4 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:56:35.0975 0x09e4 mouclass - ok 18:56:36.0016 0x09e4 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:56:36.0081 0x09e4 mouhid - ok 18:56:36.0171 0x09e4 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 18:56:36.0190 0x09e4 MountMgr - ok 18:56:36.0262 0x09e4 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys 18:56:36.0291 0x09e4 mpio - ok 18:56:36.0357 0x09e4 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:56:36.0407 0x09e4 mpsdrv - ok 18:56:36.0593 0x09e4 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc 
C:\Windows\system32\mpssvc.dll 18:56:36.0695 0x09e4 MpsSvc - ok 18:56:36.0733 0x09e4 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 18:56:36.0760 0x09e4 Mraid35x - ok 18:56:36.0850 0x09e4 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:56:36.0904 0x09e4 MRxDAV - ok 18:56:37.0002 0x09e4 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:56:37.0060 0x09e4 mrxsmb - ok 18:56:37.0171 0x09e4 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:56:37.0200 0x09e4 mrxsmb10 - ok 18:56:37.0225 0x09e4 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:56:37.0274 0x09e4 mrxsmb20 - ok 18:56:37.0298 0x09e4 [ 2681302B63B318CBEA6C82902AC5428C, B3E243E8582AE92568231C197FC1CB2BA60EDDCBCAA7F404C4012D2A803B7A8E ] msahci C:\Windows\system32\drivers\msahci.sys 18:56:37.0316 0x09e4 msahci - ok 18:56:37.0333 0x09e4 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:56:37.0378 0x09e4 msdsm - ok 18:56:37.0437 0x09e4 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe 18:56:37.0493 0x09e4 MSDTC - ok 18:56:37.0552 0x09e4 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:56:37.0619 0x09e4 Msfs - ok 18:56:37.0696 0x09e4 [ 0F400E306F385C56317357D6DEA56F62, 
C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:56:37.0711 0x09e4 msisadrv - ok 18:56:37.0787 0x09e4 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:56:37.0844 0x09e4 MSiSCSI - ok 18:56:37.0872 0x09e4 msiserver - ok 18:56:37.0933 0x09e4 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:56:37.0990 0x09e4 MSKSSRV - ok 18:56:38.0043 0x09e4 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:56:38.0118 0x09e4 MSPCLOCK - ok 18:56:38.0172 0x09e4 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:56:38.0249 0x09e4 MSPQM - ok 18:56:38.0351 0x09e4 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:56:38.0390 0x09e4 MsRPC - ok 18:56:38.0423 0x09e4 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:56:38.0469 0x09e4 mssmbios - ok 18:56:38.0505 0x09e4 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:56:38.0537 0x09e4 MSTEE - ok 18:56:38.0584 0x09e4 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys 18:56:38.0602 0x09e4 Mup - ok 18:56:38.0735 0x09e4 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll 18:56:38.0818 0x09e4 
napagent - ok 18:56:38.0899 0x09e4 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:56:38.0929 0x09e4 NativeWifiP - ok 18:56:39.0101 0x09e4 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:56:39.0144 0x09e4 NDIS - ok 18:56:39.0242 0x09e4 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:56:39.0299 0x09e4 NdisTapi - ok 18:56:39.0361 0x09e4 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:56:39.0406 0x09e4 Ndisuio - ok 18:56:39.0452 0x09e4 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:56:39.0496 0x09e4 NdisWan - ok 18:56:39.0567 0x09e4 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:56:39.0610 0x09e4 NDProxy - ok 18:56:39.0878 0x09e4 [ C5052FB77AA42ED440F9F6B4E37145A9, 0A2F5F50104353BB665E3197D9ED044690C9C08F16140C8117A2FC46A25E0C04 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 18:56:40.0007 0x09e4 Nero BackItUp Scheduler 3 - ok 18:56:40.0371 0x09e4 [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 18:56:40.0543 0x09e4 Nero BackItUp Scheduler 4.0 - ok 18:56:40.0597 0x09e4 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:56:40.0647 0x09e4 NetBIOS - ok 18:56:40.0743 
0x09e4 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys 18:56:40.0813 0x09e4 netbt - ok 18:56:40.0845 0x09e4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe 18:56:40.0861 0x09e4 Netlogon - ok 18:56:40.0987 0x09e4 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll 18:56:41.0080 0x09e4 Netman - ok 18:56:41.0209 0x09e4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:56:41.0310 0x09e4 NetMsmqActivator - ok 18:56:41.0343 0x09e4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:56:41.0365 0x09e4 NetPipeActivator - ok 18:56:41.0460 0x09e4 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll 18:56:41.0537 0x09e4 netprofm - ok 18:56:41.0739 0x09e4 [ C5639142FAB48FB1897888B4B6A09FA9, 9767D7670C1600012229A350BF29752977F389540DDF06B922D4A5BA5368081F ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys 18:56:41.0849 0x09e4 netr28u - ok 18:56:41.0861 0x09e4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:56:41.0897 0x09e4 NetTcpActivator - ok 18:56:41.0909 0x09e4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:56:41.0932 0x09e4 NetTcpPortSharing - ok 18:56:41.0978 0x09e4 [ 
2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:56:42.0023 0x09e4 nfrd960 - ok 18:56:42.0116 0x09e4 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll 18:56:42.0190 0x09e4 NlaSvc - ok 18:56:42.0285 0x09e4 [ 74149BCF0307BB76D68C0F8912DF731C, 36FB518726E05F46C6CE379991D66A4C3227B1D70A3D90D6F84DCFD793953B1B ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 18:56:42.0358 0x09e4 NMIndexingService - ok 18:56:42.0429 0x09e4 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:56:42.0473 0x09e4 Npfs - ok 18:56:42.0542 0x09e4 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll 18:56:42.0598 0x09e4 nsi - ok 18:56:42.0656 0x09e4 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:56:42.0712 0x09e4 nsiproxy - ok 18:56:42.0915 0x09e4 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:56:43.0114 0x09e4 Ntfs - ok 18:56:43.0191 0x09e4 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 18:56:43.0280 0x09e4 ntrigdigi - ok 18:56:43.0349 0x09e4 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys 18:56:43.0418 0x09e4 Null - ok 18:56:43.0446 0x09e4 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys 
18:56:43.0481 0x09e4 nvraid - ok 18:56:43.0504 0x09e4 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:56:43.0519 0x09e4 nvstor - ok 18:56:43.0557 0x09e4 [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:56:43.0576 0x09e4 nv_agp - ok 18:56:43.0583 0x09e4 NwlnkFlt - ok 18:56:43.0592 0x09e4 NwlnkFwd - ok 18:56:43.0641 0x09e4 [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:56:43.0714 0x09e4 ohci1394 - ok 18:56:43.0810 0x09e4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:56:43.0830 0x09e4 ose - ok 18:56:44.0288 0x09e4 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:56:44.0808 0x09e4 osppsvc - ok 18:56:44.0999 0x09e4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll 18:56:45.0136 0x09e4 p2pimsvc - ok 18:56:45.0174 0x09e4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll 18:56:45.0246 0x09e4 p2psvc - ok 18:56:45.0290 0x09e4 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys 18:56:45.0361 0x09e4 Parport - ok 18:56:45.0401 0x09e4 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:56:45.0420 0x09e4 
partmgr - ok 18:56:45.0447 0x09e4 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 18:56:45.0525 0x09e4 Parvdm - ok 18:56:45.0576 0x09e4 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll 18:56:45.0658 0x09e4 PcaSvc - ok 18:56:45.0746 0x09e4 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys 18:56:45.0768 0x09e4 pci - ok 18:56:45.0809 0x09e4 [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\drivers\pciide.sys 18:56:45.0826 0x09e4 pciide - ok 18:56:45.0861 0x09e4 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:56:45.0893 0x09e4 pcmcia - ok 18:56:45.0970 0x09e4 [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys 18:56:46.0054 0x09e4 pcouffin - ok 18:56:46.0243 0x09e4 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:56:46.0418 0x09e4 PEAUTH - ok 18:56:46.0795 0x09e4 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll 18:56:46.0976 0x09e4 pla - ok 18:56:47.0036 0x09e4 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:56:47.0092 0x09e4 PlugPlay - ok 18:56:47.0213 0x09e4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 18:56:47.0259 0x09e4 
PNRPAutoReg - ok 18:56:47.0328 0x09e4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll 18:56:47.0385 0x09e4 PNRPsvc - ok 18:56:47.0483 0x09e4 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:56:47.0586 0x09e4 PolicyAgent - ok 18:56:47.0634 0x09e4 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:56:47.0688 0x09e4 PptpMiniport - ok 18:56:47.0737 0x09e4 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys 18:56:47.0820 0x09e4 Processor - ok 18:56:47.0874 0x09e4 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll 18:56:47.0925 0x09e4 ProfSvc - ok 18:56:47.0965 0x09e4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe 18:56:47.0983 0x09e4 ProtectedStorage - ok 18:56:48.0043 0x09e4 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 18:56:48.0086 0x09e4 PSched - ok 18:56:48.0161 0x09e4 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:56:48.0276 0x09e4 ql2300 - ok 18:56:48.0301 0x09e4 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:56:48.0321 0x09e4 ql40xx - ok 18:56:48.0398 0x09e4 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE 
C:\Windows\system32\qwave.dll 18:56:48.0465 0x09e4 QWAVE - ok 18:56:48.0506 0x09e4 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:56:48.0555 0x09e4 QWAVEdrv - ok 18:56:48.0797 0x09e4 [ 554685122B4F973E21D66C2BAAF29543, 7D5B6CDFA5D4298103D543CAA23F1DBB45561D49683071C03593DD2BC9BF3909 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys 18:56:49.0006 0x09e4 R300 - ok 18:56:49.0104 0x09e4 [ 70DBDAB246C18B78E2200D6401D038BE, 18395D084AA9BEAF9C20736C90063CE1F862AF3A80F7752DB4FC0D1870D9996D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 18:56:49.0179 0x09e4 RapiMgr - ok 18:56:49.0237 0x09e4 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:56:49.0295 0x09e4 RasAcd - ok 18:56:49.0365 0x09e4 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll 18:56:49.0425 0x09e4 RasAuto - ok 18:56:49.0474 0x09e4 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:56:49.0510 0x09e4 Rasl2tp - ok 18:56:49.0626 0x09e4 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll 18:56:49.0678 0x09e4 RasMan - ok 18:56:49.0735 0x09e4 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:56:49.0807 0x09e4 RasPppoe - ok 18:56:49.0860 0x09e4 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:56:49.0916 0x09e4 RasSstp - ok 18:56:50.0040 0x09e4 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 
3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:56:50.0102 0x09e4 rdbss - ok 18:56:50.0163 0x09e4 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:56:50.0199 0x09e4 RDPCDD - ok 18:56:50.0266 0x09e4 [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 18:56:50.0318 0x09e4 rdpdr - ok 18:56:50.0345 0x09e4 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:56:50.0405 0x09e4 RDPENCDD - ok 18:56:50.0522 0x09e4 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:56:50.0635 0x09e4 RDPWD - ok 18:56:50.0711 0x09e4 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll 18:56:50.0765 0x09e4 RemoteAccess - ok 18:56:50.0818 0x09e4 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:56:50.0884 0x09e4 RemoteRegistry - ok 18:56:50.0919 0x09e4 [ D85E3FA9F5B1F29BB4ED185C450D1470, 5DCB3DF594E907B058CCF3EDA07EB019D9E1835177B6CDAEA2EDE9003699809E ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 18:56:50.0968 0x09e4 rimmptsk - ok 18:56:50.0985 0x09e4 [ DB8EB01C58C9FADA00C70B1775278AE0, 35F0F3F15211D0F0B3EC85832C7E307ED7FDA6A2C9B463740EA0D7A49BC64926 ] rimsptsk C:\Windows\system32\drivers\rimsptsk.sys 18:56:51.0017 0x09e4 rimsptsk - ok 18:56:51.0035 0x09e4 [ 6C1F93C0760C9F79A1869D07233DF39D, 70DD037E76F6E89CE9630175772707BB8588324058079B5F18C505B31306BACE ] rismxdp C:\Windows\system32\drivers\rixdptsk.sys 18:56:51.0091 0x09e4 rismxdp - ok 
     18:57:15.0167 0x09e4 Waiting for KSN requests completion. In queue: 64
     18:57:16.0276 0x09e4 AV detected via SS2: ESET Smart Security 6.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.314.0 ), 0x41000 ( enabled : updated )
     18:57:16.0281 0x09e4 FW detected via SS2: ESET Persoonlijke firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.314.0 ), 0x41010 ( enabled )
     18:57:16.0384 0x09e4 ============================================================
     18:57:16.0384 0x09e4 Scan finished
     18:57:16.0384 0x09e4 ============================================================
     18:57:16.0399 0x0a94 Detected object count: 1
     18:57:16.0400 0x0a94 Actual detected object count: 1
     18:57:46.0484 0x0a94 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
     18:57:46.0484 0x0a94 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
  7. Once again, thank you so much for the help. By "another forum" I meant another section of this forum, since the conclusion is no virus or adware. Almost 5 minutes is too long, isn't it? There must be something that makes it take so long?
  8. Ran Defraggler. Went fine. But the boot time is 282.543 seconds. Conclusion: no virus, no adware? Try another forum?
  9. Boot Timer reports a boot time of 304.769 seconds. I don't know whether this is normal for a 6-year-old laptop with these specs. In any case, I'm already glad that it is free of viruses and adware.
  10. Still very grateful for the help. I use Soluto to disable or delay startup items. I have also been using CCleaner for years. Great program. Here is the log:
     Nee HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
     Nee HKCU:Run DAEMON Tools Lite DT Soft Ltd "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
     Ja HKCU:Run Google Update Google Inc. "C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe" /c
     Nee HKCU:Run Google+ Auto Backup Google Inc. "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
     Nee HKCU:Run IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} Nero AG "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
     Ja HKCU:Run ISUSPM Macrovision Corporation "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
     Nee HKCU:Run ISUSPM Macrovision Corporation "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
     Nee HKCU:Run msnmsgr Microsoft Corporation "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
     Nee HKCU:Run TomTomHOME.exe TomTom "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
     Nee HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe
     Nee HKLM:Run Adobe Reader Speed Launcher Adobe Systems Incorporated "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     Nee HKLM:Run APSDaemon Apple Inc. "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     Nee HKLM:Run BCSSync Microsoft Corporation "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
     Nee HKLM:Run Broadcom Wireless Manager UI Dell Inc. C:\Windows\system32\WLTRAY.exe
     Ja HKLM:Run egui ESET "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
     Nee HKLM:Run Google Desktop Search Google "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
     Nee HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
     Nee HKLM:Run KeePass 2 PreLoad Dominik Reichl "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
     Nee HKLM:Run Malwarebytes' Anti-Malware Malwarebytes Corporation "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
     Nee HKLM:Run NBKeyScan Nero AG "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
     Nee HKLM:Run NeroFilterCheck Nero AG C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
     Nee HKLM:Run Nikon Message Center 2 Nikon Corporation C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
     Nee HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\QTTask.exe" -atboottime
     Nee HKLM:Run SigmatelSysTrayApp SigmaTel, Inc. sttray.exe
     Ja HKLM:Run Soluto Soluto c:\program files\soluto\soluto.exe /init
     Ja HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
     Nee HKLM:Run SynTPEnh Synaptics, Inc. C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     Nee HKLM:Run Windows Defender Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCui.exe -hide
     Nee HKLM:Run Windows Mobile-based device management Microsoft Corporation %windir%\WindowsMobile\wmdSync.exe
     Nee Startup Common Digital Line Detect.lnk C:\PROGRA~1\DIGITA~1\DLG.exe
     Nee Startup Common VideoCam Suite 2.0.lnk Panasonic Corporation C:\PROGRA~1\PANASO~1\VIDEOC~1\VIDEOC~2.EXE
     Nee Startup User MagicDisc.lnk MagicISO, Inc. C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE
     Nee Startup User Sprookjesboom.lnk C:\PROGRA~1\Efteling\SPROOK~1\SPROOK~1\SPROOK~1.EXE
  11. While browsing I notice that it responds better and faster, but booting still takes around 6 minutes. Were you able to see in the log whether important things were removed? Is there anything else I can do?
  12. I'm curious. This is the log. It did hang during the removal, though.
  13. This is the log from zoek.exe. I hope you can find something. Thanks in advance for the help:
"Google Update"="C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Google+ Auto Backup"="C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "Soluto"="c:\program files\soluto\soluto.exe /init" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~2\\GoogleDesktopNetwork3.dll" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ApplePhotoStreams" "hkey"="HKCU" "command"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft 
Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Broadcom Wireless Manager UI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Broadcom Wireless Manager UI" "hkey"="HKLM" "command"="C:\\Windows\\system32\\WLTRAY.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files\\DAEMON Tools Lite\\daemon.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Desktop Search" "hkey"="HKLM" "command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Maarten\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google+ Auto Backup" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IE New Window Maximizer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IE New Window Maximizer" "hkey"="HKCU" "command"="C:\\Program Files\\IE New Window Maximizer\\iemaximizer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common 
Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ISUSPM" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -scheduler" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KeePass 2 PreLoad] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KeePass 2 PreLoad" "hkey"="HKLM" "command"="\"C:\\Program Files\\KeePass Password Safe 2\\KeePass.exe\" --preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes' Anti-Malware" "hkey"="HKLM" "command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBKeyScan" "hkey"="HKLM" "command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroFilterCheck" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Nero\\Lib\\NeroCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon 
Message Center 2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Nikon Message Center 2" "hkey"="HKLM" "command"="C:\\Program Files\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SigmatelSysTrayApp" "hkey"="HKLM" "command"="sttray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Soluto] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Soluto" "hkey"="HKLM" "command"="c:\\program files\\soluto\\soluto.exe /init" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USBToolTip] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="USBToolTip" "hkey"="HKLM" "command"="C:\\PROGRA~1\\Pinnacle\\SHARED~1\\Programs\\USBTip\\USBTip.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender] 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Defender" "hkey"="HKLM" "command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile-based device management] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Mobile-based device management" "hkey"="HKLM" "command"="%windir%\\WindowsMobile\\wmdSync.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WMPNSCFG] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WMPNSCFG" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk] "item"="Digital Line Detect" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Digital Line Detect.lnk" "backup"="C:\\Windows\\pss\\Digital Line Detect.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\DIGITA~1\\DLG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoCam Suite 2.0.lnk] "item"="VideoCam Suite 2.0" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\VideoCam Suite 2.0.lnk" "backup"="C:\\Windows\\pss\\VideoCam Suite 2.0.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\PANASO~1\\VIDEOC~1\\VIDEOC~2.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Maarten^AppData^Roaming^Microsoft^Windows^Network Shortcuts^Programs^Startup^MagicDisc.lnk] "path"="C:\\Users\\Maarten\\AppData\\Roaming\\Microsoft\\Windows\\Network Shortcuts\\Programs\\Startup\\MagicDisc.lnk" "backup"="C:\\Windows\\pss\\MagicDisc.lnk.Startup" 
"backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MAGICD~1\\MAGICD~1.EXE " "item"="MagicDisc" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Maarten^AppData^Roaming^Microsoft^Windows^Network Shortcuts^Programs^Startup^Sprookjesboom.lnk] "item"="Sprookjesboom" "path"="C:\\Users\\Maarten\\AppData\\Roaming\\Microsoft\\Windows\\Network Shortcuts\\Programs\\Startup\\Sprookjesboom.lnk" "backup"="C:\\Windows\\pss\\Sprookjesboom.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\Efteling\\SPROOK~1\\SPROOK~1\\SPROOK~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Ati External Event Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\bgsvcgen] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DokanMounter] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FsUsbExService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GoogleDesktopManager-051210-111108] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMScheduler] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\Services\Nero BackItUp Scheduler 3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Nero BackItUp Scheduler 4.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NMIndexingService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SolutoLauncherService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SolutoRemoteService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SolutoService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\STacSV] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TVersityMediaServer] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wltrysvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\XAudioService] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16-06-2014 19:26] C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce8215787de382.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-06-2011 12:15] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-06-2011 12:15] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18Core.job --a------ C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 09:33] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18UA.job --a------ C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 09:33] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2139887809-2387514099-1841595653-1000Core.job --a------ C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe [10-07-2010 09:27] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2139887809-2387514099-1841595653-1000UA.job --a------ C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe [10-07-2010 09:27] 
C:\Windows\tasks\SyncBack Backup mijn documenten.job --a------ C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [08-11-2010 16:42] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1ce8215787de382" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-18Core" [C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-18UA" [C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2139887809-2387514099-1841595653-1000Core" [C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2139887809-2387514099-1841595653-1000UA" [C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [02-09-2009 00:02] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] 
"magicplayer@torrentstream.org"="C:\Users\Maarten\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org" [22-12-2013 11:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Maarten\AppData\Roaming\TomTom\HOME\Profiles\x0xyfefb.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ochbjojkpcmlfeagbaahkofepalngihg - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\Maarten\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[12-10-2013 16:44] Google Drive - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Wallet - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Drive - Maarten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Wallet - Maarten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Drive - Maarten\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Wallet - Maarten\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf 
Google Wallet - Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Preferences "homepage": "http://intranet/", "urls_to_restore_on_startup": [ "https://mail.google.com/mail/#inbox", "https://www.google.com/calendar/render?tab=mc", "http://intranet/", "http://10.0.10.13/prd/content/afdelingsinformatie/index.prijslijsten.php" ] ==== Set IE to Default 
====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {45D86458-6F40-4CA4-BFA0-36546BB437E1} Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2139887809-2387514099-1841595653-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-2139887809-2387514099-1841595653-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-2139887809-2387514099-1841595653-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-2139887809-2387514099-1841595653-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 
deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ochbjojkpcmlfeagbaahkofepalngihg deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IE New Window Maximizer deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [soluto] c:\program files\soluto\soluto.exe /init O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [Google+ Auto Backup] "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Google+ Auto Backup] "C:\Program 
Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.mijndmg.nl/dana-cached/sc/JuniperSetupClient.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Maarten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully 
C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Profile 3\Cache emptied successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Profile 4\Cache emptied successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Profile 5\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1407 folders=98 249378897 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Maarten\AppData\Local\temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Maarten\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Maarten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on zo 21-09-2014 at 21:18:08,30 ======================
  14. First of all, thank you very much for being willing to take a look. This is the RSIT log; I hope you can find something: Logfile of random's system information tool 1.10 (written by random/random) Run by Maarten at 2014-09-21 12:16:43 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 13 GB (12%) free of 104 GB Total RAM: 1917 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:16:52, on 21-9-2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16575) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Windows\system32\conime.exe C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Maarten\Downloads\RSIT.exe C:\Program Files\trend micro\Maarten.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file) O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [soluto] c:\program files\soluto\soluto.exe /init O4 - HKCU\..\Run: [Google Update] "C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [Google+ Auto Backup] "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Google+ Auto Backup] "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - 
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.mijndmg.nl/dana-cached/sc/JuniperSetupClient.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 5670 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce8215787de382.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2139887809-2387514099-1841595653-1000Core.job - C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2139887809-2387514099-1841595653-1000UA.job - C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\SyncBack Backup mijn documenten.job - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe -m "Backup mijn documenten" ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] 
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {C55BBCD6-41AD-48AD-9953-3609C48EACC7} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-04 5078504] "Soluto"=c:\program files\soluto\soluto.exe [2013-06-04 1230400] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-10 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-10-31 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files\Common Files\Apple\Apple 
Application Support\APSDaemon.exe [2014-07-31 43816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe [2007-12-09 3444736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-17 30192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-10 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup] C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe [2014-02-03 2092032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp] C:\Windows\sttray.exe [2007-04-24 303104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Soluto] c:\program files\soluto\soluto.exe [2013-06-04 1230400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1029416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk] C:\PROGRA~1\DIGITA~1\DLG.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoCam Suite 2.0.lnk] C:\PROGRA~1\PANASO~1\VIDEOC~1\VIDEOC~2.EXE [2009-02-17 185688] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Maarten^AppData^Roaming^Microsoft^Windows^Network Shortcuts^Programs^Startup^MagicDisc.lnk] C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Maarten^AppData^Roaming^Microsoft^Windows^Network Shortcuts^Programs^Startup^Sprookjesboom.lnk] C:\PROGRA~1\Efteling\SPROOK~1\SPROOK~1\SPROOK~1.EXE [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=i263_32.drv "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "VIDC.MPG4"=mpg4c32.dll "VIDC.MP42"=mpg4c32.dll "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "vidc.XVID"=xvidvfw.dll "msacm.iac2"=C:\Windows\system32\iac25_32.ax "msacm.g723"=g723.acm "vidc.I263"=I263_32.drv "VIDC.IV41"=ir41_32.ax "vidc.iv50"=ir50_32.dll "msacm.siren"=sirenacm.dll "VIDC.FFDS"=ff_vfw.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "vidc.mjpg"=pvmjpg30.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2014-09-21 12:16:43 ----D---- C:\rsit 2014-09-21 11:33:26 ----D---- C:\Program Files\Trend Micro 2014-09-15 23:33:46 ----A---- C:\Windows\system32\vbscript.dll 2014-09-15 23:33:46 ----A---- C:\Windows\system32\mshtmled.dll 2014-09-15 23:33:45 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-09-15 23:33:45 ----A---- C:\Windows\system32\msfeeds.dll 2014-09-15 23:33:45 ----A---- C:\Windows\system32\jsproxy.dll 2014-09-15 23:33:45 ----A---- C:\Windows\system32\dxtmsft.dll 2014-09-15 23:33:44 ----A---- C:\Windows\system32\iertutil.dll 2014-09-15 23:33:44 ----A---- C:\Windows\system32\dxtrans.dll 2014-09-15 23:33:43 ----A---- C:\Windows\system32\wininet.dll 2014-09-15 23:33:43 ----A---- C:\Windows\system32\msfeedssync.exe 2014-09-15 23:33:43 ----A---- C:\Windows\system32\jscript.dll 2014-09-15 23:33:43 
----A---- C:\Windows\system32\ieui.dll 2014-09-15 23:33:42 ----A---- C:\Windows\system32\jscript9.dll 2014-09-15 23:33:42 ----A---- C:\Windows\system32\ieUnatt.exe 2014-09-15 23:33:41 ----A---- C:\Windows\system32\url.dll 2014-09-15 23:33:41 ----A---- C:\Windows\system32\mshta.exe 2014-09-15 23:33:40 ----A---- C:\Windows\system32\urlmon.dll 2014-09-15 23:33:40 ----A---- C:\Windows\system32\ieframe.dll 2014-09-15 23:33:38 ----A---- C:\Windows\system32\mshtml.dll 2014-09-07 11:46:51 ----A---- C:\Windows\system32\drivers\tmcomm.sys 2014-09-07 11:39:52 ----D---- C:\Program Files\JAM Software 2014-08-30 17:27:50 ----A---- C:\Windows\system32\win32k.sys 2014-08-30 17:27:50 ----A---- C:\Windows\system32\gdi32.dll ======List of files/folders modified in the last 1 month====== 2014-09-21 12:16:52 ----D---- C:\Windows\Prefetch 2014-09-21 12:15:43 ----D---- C:\Windows\temp 2014-09-21 11:40:43 ----SHD---- C:\System Volume Information 2014-09-21 11:33:28 ----SHD---- C:\Windows\Installer 2014-09-21 11:33:26 ----RD---- C:\Program Files 2014-09-17 22:24:33 ----RSD---- C:\Windows\assembly 2014-09-17 22:24:33 ----D---- C:\Windows\Microsoft.NET 2014-09-17 21:36:59 ----D---- C:\Windows\system32\migration 2014-09-17 21:36:59 ----D---- C:\Windows\System32 2014-09-17 21:36:58 ----D---- C:\Program Files\Internet Explorer 2014-09-15 23:35:07 ----D---- C:\Windows\winsxs 2014-09-15 23:34:27 ----D---- C:\Windows\system32\catroot2 2014-09-15 23:34:17 ----D---- C:\Windows\system32\catroot 2014-09-15 23:32:25 ----D---- C:\ProgramData\Microsoft Help 2014-09-15 23:02:13 ----D---- C:\Windows\system32\MRT 2014-09-15 23:02:01 ----A---- C:\Windows\system32\mrt.exe 2014-09-15 22:55:42 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-09-15 22:55:38 ----D---- C:\Windows\inf 2014-09-07 11:47:46 ----D---- C:\Windows\system32\drivers 2014-08-30 16:34:21 ----D---- C:\Program Files\Offline Rekening Overzicht ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 
4=Disabled)====== R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680] R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-20 47568] R0 Soluto;Soluto; C:\Windows\system32\Drivers\Soluto.sys [2013-06-04 51144] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-11-19 717296] R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\USERS\MAARTEN\DOWNLOADS\EMSISOFTEMERGENCYKIT\RUN\a2ddax86.sys [2014-03-16 22056] R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408] R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-20 171680] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 122240] R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 46056] R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-11-04 214664] R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2010-07-05 84992] R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 150080] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-06-24 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-04-24 32256] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-06-24 8704] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2007-04-24 45568] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-06-24 980992] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-06-24 208384] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736] R3 netr28u;RT2870 USB Wireless 
LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2009-04-03 718336] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-01-03 47360] R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-10-17 2085888] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-04-24 323584] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-27 193456] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-06-24 661504] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-07-20 25288] S3 a3xdb27z;a3xdb27z; C:\Windows\system32\drivers\a3xdb27z.sys [] S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [] S3 BCM43XX;Stuurprogramma voor de Dell draadloze WLAN-kaart; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-07 1044984] S3 catchme;catchme; \??\C:\Users\Maarten\AppData\Local\Temp\catchme.sys [] S3 cleanhlp;cleanhlp; \??\C:\Users\Maarten\Downloads\EmsisoftEmergencyKit\Run\cleanhlp32.sys [2014-03-16 50200] S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [] S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-04-03 83864] S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2011-06-07 20032] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 e1express;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-04-18 37344] S3 HdAudAddService;Microsoft 
1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2014-08-16 40776] S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-11-04 79816] S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-11-04 35272] S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248] S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-11-04 40552] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-04-03 181912] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344] S3 vtcdrv;VTC Driver v5.0.0.1; C:\Windows\system32\DRIVERS\vtcdrv.sys [2010-05-07 18688] S3 winusb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 rimsptsk;rimsptsk; C:\Windows\system32\drivers\rimsptsk.sys [2007-04-24 43520] S4 rismxdp;Ricoh xD-Picture Card 
Driver; C:\Windows\system32\drivers\rixdptsk.sys [2007-04-24 37376] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-04 1341664] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176] S2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2013-06-04 746048] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 553288] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 ose;Office Source Engine; C:\Program Files\Common 
Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-16 262320] S4 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-10-17 557056] S4 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504] S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504] S4 DokanMounter;DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [2010-07-05 11776] S4 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-04-18 233472] S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-17 30192] S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032] S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S4 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672] S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 
4\NBService.exe [2009-10-13 935208] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784] S4 SolutoLauncherService;Soluto Launcher Service; C:\Program Files\Soluto\SolutoLauncherService.exe [2013-06-04 166976] S4 SolutoRemoteService;Soluto Remote Service; C:\Program Files\Soluto\SolutoRemoteService.exe [2013-06-04 1395712] S4 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-04-24 90112] S4 TVersityMediaServer;TVersityMediaServer; C:\Users\Maarten\AppData\Local\TVersity\Media Server\MediaServer.exe [2010-01-19 856064] S4 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-12-09 24064] S4 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-06-24 386560] -----------------EOF-----------------
  15. Who can help me with the following: I have already run many virus scans, without result. The laptop starts up veeeery slowly. To help, I have attached a HijackThis log. Thanks in advance,
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 11:36:50, on 21-9-2014
      Platform: Windows Vista SP2 (WinNT 6.00.1906)
      MSIE: Internet Explorer v9.00 (9.00.8112.16575)
      Boot mode: Normal
      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
      C:\Program Files\ESET\ESET Smart Security\egui.exe
      C:\Windows\system32\conime.exe
      C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Maarten\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
      O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
      O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
      O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
      O4 - HKLM\..\Run: [soluto] c:\program files\soluto\soluto.exe /init
      O4 - HKCU\..\Run: [Google Update] "C:\Users\Maarten\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      O4 - HKUS\S-1-5-18\..\Run: [Google+ Auto Backup] "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User 'SYSTEEM')
      O4 - HKUS\.DEFAULT\..\Run: [Google+ Auto Backup] "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User 'Default user')
      O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.mijndmg.nl/dana-cached/sc/JuniperSetupClient.cab
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
      O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
      O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
      O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      -- End of file - 5467 bytes