E-Peek v 1.0.5.6 © Emphyrio/Onsia Patrick 2013-2014
Downloaded @ [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url]
Run at di 25 nov 2014 18:07
.
Windows 7 Starter SP 1 (32 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Firefox 33.1.1 (x86 nl)
Boot mode: Normal boot
User logged in: Marja
.
Java x86: n/a
.
AV : avast! Antivirus [Updated - Running]
AS : Windows Defender [Updated - Running]
AS : avast! Antivirus [Updated - Running]
FW : Windows firewall
.
==================== Files and Folders history =================================
Folders Created Last 7 days :
25-11-2014 ##### r-h-s-d+a- C:\Program Files\E Dev
21-11-2014 ##### r-h-s-d+a- C:\Users\Marja\AppData\Roaming\HpUpdate
21-11-2014 ##### r-h-s-d+a- C:\Users\Marja\AppData\Local\PopcornTimeDesktop
21-11-2014 ##### r-h-s-d+a- C:\Users\Marja\AppData\Local\HP
21-11-2014 ##### r-h-s-d+a- C:\Users\Marja\AppData\Local\Hewlett-Packard
21-11-2014 ##### r-h-s-d+a- C:\ProgramData\Visan
21-11-2014 ##### r-h-s-d+a- C:\ProgramData\HP Photo Creations
21-11-2014 ##### r-h-s-d+a- C:\ProgramData\HP
21-11-2014 ##### r-h-s-d+a- C:\Program Files\HP Photo Creations
21-11-2014 ##### r-h-s-d+a- C:\Program Files\Hp
21-11-2014 ##### r-h-s-d+a- C:\Program Files\Hewlett-Packard
21-11-2014 ##### r-h-s-d+a- C:\Program Files\Gadwin Systems
21-11-2014 ##### r-h+s+d+a- C:\Users\Marja\AppData\Local\EmieBrowserModeList
19-11-2014 ##### r-h-s-d+a- C:\Program Files\CCleaner
19-11-2014 ##### r-h-s-d+a- C:\AdwCleaner
18-11-2014 ##### r-h-s-d+a- C:\ProgramData\Microsoft OneDrive
18-11-2014 ##### r-h-s-d+a- C:\Program Files\Microsoft OneDrive
18-11-2014 ##### r-h+s-d+a- C:\OneDriveTemp
18-11-2014 ##### r+h-s-d+a- C:\Users\Marja\OneDrive
Files Modified Last 7 days :
25-11-2014 00016160 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
25-11-2014 00016160 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
21-11-2014 00272304 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT
21-11-2014 00000000 r-h-s-d-a+ C:\Windows\system32\look.txt
18-11-2014 01670108 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
18-11-2014 00745702 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
18-11-2014 00654168 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
18-11-2014 00153364 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
18-11-2014 00121782 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
Files Created Last 7 days :
21-11-2014 00597512 r-h-s-d-a- C:\Windows\system32\HPDiscoPMC211.dll
21-11-2014 00000057 r-h-s-d-a+ C:\ProgramData\Ament.ini
21-11-2014 00000000 r-h-s-d-a+ C:\Windows\system32\look.txt
19-11-2014 00550912 r-h-s-d-a+ C:\Windows\system32\kerberos.dll
19-11-2014 00186880 r-h-s-d-a+ C:\Windows\system32\pku2u.dll
18-11-2014 19781632 r-h-s-d-a+ C:\Windows\system32\mshtml.dll
18-11-2014 12819456 r-h-s-d-a+ C:\Windows\system32\ieframe.dll
18-11-2014 04298240 r-h-s-d-a+ C:\Windows\system32\jscript9.dll
18-11-2014 02724864 r-h-s-d-a+ C:\Windows\system32\mshtml.tlb
18-11-2014 02379264 r-h-s-d-a+ C:\Windows\system32\win32k.sys
18-11-2014 02277376 r-h-s-d-a+ C:\Windows\system32\iertutil.dll
18-11-2014 02051072 r-h-s-d-a+ C:\Windows\system32\inetcpl.cpl
18-11-2014 01892864 r-h-s-d-a+ C:\Windows\system32\wininet.dll
18-11-2014 01310208 r-h-s-d-a+ C:\Windows\system32\urlmon.dll
18-11-2014 01155072 r-h-s-d-a+ C:\Windows\system32\mshtmlmedia.dll
18-11-2014 00708096 r-h-s-d-a+ C:\Windows\system32\ieapfltr.dll
18-11-2014 00688640 r-h-s-d-a+ C:\Windows\system32\msfeeds.dll
18-11-2014 00683008 r-h-s-d-a+ C:\Windows\system32\ie4uinit.exe
18-11-2014 00667648 r-h-s-d-a+ C:\Windows\system32\MsSpellCheckingFacility.exe
18-11-2014 00620032 r-h-s-d-a+ C:\Windows\system32\jscript9diag.dll
18-11-2014 00571904 r-h-s-d-a+ C:\Windows\system32\oleaut32.dll
18-11-2014 00519680 r-h-s-d-a+ C:\Windows\system32\qdvd.dll
18-11-2014 00501248 r-h-s-d-a+ C:\Windows\system32\vbscript.dll
18-11-2014 00478208 r-h-s-d-a+ C:\Windows\system32\ieui.dll
18-11-2014 00418304 r-h-s-d-a+ C:\Windows\system32\dxtmsft.dll
18-11-2014 00341168 r-h-s-d-a+ C:\Windows\system32\iedkcs32.dll
18-11-2014 00285696 r-h-s-d-a+ C:\Windows\system32\dxtrans.dll
18-11-2014 00168960 r-h-s-d-a+ C:\Windows\system32\msrating.dll
18-11-2014 00115712 r-h-s-d-a+ C:\Windows\system32\ieUnatt.exe
18-11-2014 00102912 r-h-s-d-a+ C:\Windows\system32\ieetwcollector.exe
18-11-2014 00076288 r-h-s-d-a+ C:\Windows\system32\mshtmled.dll
18-11-2014 00064000 r-h-s-d-a+ C:\Windows\system32\MshtmlDac.dll
18-11-2014 00062464 r-h-s-d-a+ C:\Windows\system32\iesetup.dll
18-11-2014 00060416 r-h-s-d-a+ C:\Windows\system32\JavaScriptCollectionAgent.dll
18-11-2014 00047616 r-h-s-d-a+ C:\Windows\system32\ieetwproxystub.dll
18-11-2014 00047104 r-h-s-d-a+ C:\Windows\system32\jsproxy.dll
18-11-2014 00030720 r-h-s-d-a+ C:\Windows\system32\iernonce.dll
18-11-2014 00004096 r-h-s-d-a+ C:\Windows\system32\ieetwcollectorres.dll
==================== RUNNING PROCESSES =========================================
[AdobeARM] -Marja- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - (Adobe Systems Incorporated)
[armsvc] -SYSTEM- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[AvastSvc] -SYSTEM- C:\Program Files\AVAST Software\Avast\AvastSvc.exe - (AVAST Software)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[EgisUpdate] -Marja- C:\Program Files\EgisTec IPS\EgisUpdate.exe - (Egis Technology Inc.)
[ePowerEvent] -SYSTEM- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe - (Acer Incorporated)
[ePowerSvc] -SYSTEM- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe - (Acer Incorporated)
[hkcmd] -Marja- C:\Windows\System32\hkcmd.exe - (Intel Corporation)
[igfxpers] -Marja- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
[iSync] -Marja- C:\Program Files\Acer\Android Manager\iSync.exe - (Insyde Software Corp.)
[smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)
[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
[SynTPHelper] -Marja- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - (Synaptics Incorporated)
[taskhost] -Marja- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)
[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[WmiPrvSE] -SYSTEM- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
==================== IE PAGES ==================================================
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://acer.msn.com
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://acer.msn.com
IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE12 - HKLM\..\Toolbar{8dcb7100-df86-4384-8842-8fa844297b3f} @ Default = "C:\Program Files\Microsoft\BingBar\BingExt.dll"
==================== Auto Load =================================================
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
==================== Firefox ===================================================
FF - ProfilePath - C:\Users\Marja\AppData\Roaming\Mozilla\firefox\Profiles\gfqwtlmw.default
FF - Ext: [McAfee SiteAdvisor 3.5.0 ] - extension - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} visible: True active: False
FF - Ext: [Avast Online Security 10.0.2502.149 ] - extension - wrc@avast.com visible: True active: False
FF - Ext: [Default 33.1.1 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True
FF - PlugIn: [Adobe® Flash® Player 15.0.0.223 Plugin] - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll
FF - PlugIn: [McAfee Total Protection] - c:\progra~1\mcafee\msc\npmcsn~1.dll
FF - PlugIn: [SiteAdvisor Plugin] - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
FF - PlugIn: [Ag Player] - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
FF - PlugIn: [Microsoft SharePoint Plug-in for Firefox] - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - PlugIn: [Windows Live Photo Gallery] - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - PlugIn: [Windows Live Photo Gallery] - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - PlugIn: [Google Update] - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - PlugIn: [Google Update] - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - PlugIn: [WildTangent Games App] - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - PlugIn: [Adobe Reader Plugin for Firefox] - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - prefs.js: user_pref("browser.startup.homepage", "about:home");
==================== Google Chrome =============================================
GC - Prefpath: C:\Users\Marja\AppData\Local\Google\Chrome\User Data\Default\Preferences
GC - Profile Name: Eerste gebruiker
GC - Homepage:
GC - Default Search Provider: n/a
= Known Disabled Extensions =
==================== Windows Host File =========================================
==================== BHO =======================================================
BHO - [avast! Online Security] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} @ Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO - [Bing Bar Helper] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} @ Default = "C:\Program Files\Microsoft\BingBar\BingExt.dll"
==================== Auto Start Programs =======================================
ASP01 - HKLM\..\Run @ Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
ASP01 - HKLM\..\Run @ AndroidManager = C:\Program Files\Acer\Android Manager\AML.exe
ASP01 - HKLM\..\Run @ AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
ASP01 - HKLM\..\Run @ EgisTecPMMUpdate = "C:\Program Files\EgisTec IPS\PmmUpdate.exe"
ASP01 - HKLM\..\Run @ EgisUpdate = "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
ASP01 - HKLM\..\Run @ HotKeysCmds = C:\Windows\system32\hkcmd.exe
ASP01 - HKLM\..\Run @ HP Software Update = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
ASP01 - HKLM\..\Run @ IgfxTray = C:\Windows\system32\igfxtray.exe
ASP01 - HKLM\..\Run @ iPatchData = C:\Program Files\Acer\Updater\iUpdate.exe
ASP01 - HKLM\..\Run @ iSyncData = C:\Program Files\Acer\Android Manager\iSync.exe
ASP01 - HKLM\..\Run @ LManager = C:\Program Files\Launch Manager\LManager.exe
ASP01 - HKLM\..\Run @ Persistence = C:\Windows\system32\igfxpers.exe
ASP01 - HKLM\..\Run @ Power Management = C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
ASP01 - HKLM\..\Run @ RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
ASP01 - HKLM\..\Run @ SuiteTray = "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
ASP01 - HKLM\..\Run @ SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
ASP01 - HKLM\..\Run @ SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
ASP04 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
ASP04 - HKCU\..\Run @ Gadwin PrintScreen = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
ASP04 - HKCU\..\Run @ SkyDrive = "C:\Users\Marja\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
ASP - Startup - C:\Users\Marja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
==================== Extra Items IE ============================================
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
EI04 - App Ext - HKCU\..\Approved Extensions @ {8DCB7100-DF86-4384-8842-8FA844297B3F} = "C:\Program Files\Microsoft\BingBar\BingExt.dll"
EI04 - App Ext - HKCU\..\Approved Extensions @ {8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EI04 - App Ext - HKCU\..\Approved Extensions @ {D2CE3E00-F94A-4740-988E-03DC2F38C34F} = "C:\Program Files\Microsoft\BingBar\BingExt.dll"
==================== Internet Default Prefix ===================================
IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
==================== Default Settings IE - DSIE ================================
DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId
DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId
==================== Protocol Hijackers - PH ===================================
PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [df07358fda177f70de329d627d838f95]
==================== ShellServiceObjectDelayLoad - SSODL =======================
SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
==================== Extra items - EXT (Torpig/ConduitSearch) ==================
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [BBUpdate] - BBUpdate - c:\program files\microsoft\bingbar\seaport.exe
SERV - R2 - [cvhsvc] - Client Virtualization Handler - c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe
SERV - R2 - [DsiWMIService] - Dritek WMI Service - c:\program files\launch manager\dsiwmis.exe
SERV - R2 - [ePowerSvc] - Acer ePower Service - c:\program files\acer\acer epower management\epowersvc.exe
SERV - R2 - [GREGService] - GREGService - c:\program files\acer\registration\gregsvc.exe
SERV - R2 - [HPSupportSolutionsFrameworkService] - HP Support Solutions Framework Service - c:\program files\hp\common\hpsupportsolutionsframeworkservice.exe
SERV - R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
SERV - R2 - [IconMan_R] - IconMan_R - c:\program files\realtek\realtek pcie card reader\riconman.exe
SERV - R2 - [Live Updater Service] - Live Updater Service - c:\program files\acer\acer updater\updaterservice.exe
SERV - R2 - [RS_Service] - Raw Socket Service - c:\program files\acer\acer vcm\rs_service.exe
SERV - R2 - [sftlist] - Application Virtualization Client - c:\program files\microsoft application virtualization client\sftlist.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files\microsoft application virtualization client\sftvsa.exe
SERV - R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files\google\update\googleupdate.exe
SERV - S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [BBSvc] - Bing Bar Update Service - c:\program files\microsoft\bingbar\bbsvc.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [EgisTec Ticket Service] - EgisTec Ticket Service - c:\program files\common files\egistec\services\egisticketservice.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
SERV - S3 - [GamesAppService] - GamesAppService - c:\program files\wildtangent games\app\gamesappservice.exe
SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files\google\update\googleupdate.exe
SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [McAWFwk] - McAfee Activation Service - c:\progra~1\mcafee\msc\mcawfwk.exe [x]
SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
SERV - S4 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe
*** Win32ShareProcess ***
SERV - R2 - [avast! Antivirus] - avast! Antivirus - c:\program files\avast software\avast\avastsvc.exe
SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe
SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe
*** File System Driver ***
DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys
DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys
*** Kernel Driver ***
DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
DRV - R0 - [aswRvrt] - avast! Revert - C:\Windows\system32\Drivers\aswRvrt.sys
DRV - R0 - [aswVmm] - avast! VM Monitor - C:\Windows\system32\Drivers\aswVmm.sys
DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys
DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys
DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys
DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys
DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys
DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
DRV - R0 - [Wd] - Microsoft Watchdog Timer Driver - C:\Windows\system32\Drivers\Wd.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
==================== SvcHost - White Listed ====================================
All Ok
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== Job tasks =================================================
There are no .job files found.
==================== End scanning at di 25 nov 2014 18:09 (2 Min 0 Sec ) =======