E-Peek v 1.9.9.0
© Emphyrio/Onsia Patrick 2013-2015 [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url]
Run at vr 20 feb 2015 16:40
.
Windows 8.1 Professional (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Firefox 35.0.1 (x86 nl)
Boot mode: Normal boot
User logged in: Marijn
.
Java x86: 1.7.0_45
Java x64: 1.7.0_45
.
AV : McAfee Antivirus en antispyware [Updated - Not Running]
AV : Windows Defender [Updated - Not Running]
AV : AVG AntiVirus 2015 [Updated - Not Running]
AS : McAfee Antivirus en antispyware [Updated - Not Running]
AS : Windows Defender [Updated - Not Running]
AS : AVG AntiVirus 2015 [Updated - Not Running]
FW :
FW : McAfee Firewall [Updated - Running]
.
==================== Files and Folders history =================================

Folders Created Last 7 days :
20-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Roaming\TuneUp Software
20-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Roaming\E Dev
20-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Roaming\AVG2015
20-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Local\Temp
20-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Local\MFAData
20-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Local\Avg2015
20-02-2015 ##### r-h-s-d+a- C:\ProgramData\MFAData
20-02-2015 ##### r-h-s-d+a- C:\ProgramData\AVG2015
20-02-2015 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
20-02-2015 ##### r-h-s-d+a- C:\Program Files (x86)\AVG
20-02-2015 ##### r-h+s-d+a- C:\ProgramData\Common Files
20-02-2015 ##### r-h+s-d+a- C:\$AVG
20-02-2015 ##### r-h+s+d+a- C:\$RECYCLE.BIN
19-02-2015 ##### r-h-s-d+a- C:\zoek_backup
19-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\Start Menu
19-02-2015 ##### r-h-s-d+a- C:\rsit
19-02-2015 ##### r-h-s-d+a- C:\Program Files\trend micro
19-02-2015 ##### r-h-s-d+a- C:\AdwCleaner
14-02-2015 ##### r-h-s-d+a- C:\Users\Marijn\AppData\Roaming\vlc
14-02-2015 ##### r-h-s-d+a- C:\ProgramData\Microsoft Toolkit
14-02-2015 ##### r-h-s-d+a- C:\Program Files (x86)\VideoLAN
14-02-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Microsoft SQL Server
14-02-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Microsoft Office
14-02-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Microsoft Analysis Services
14-02-2015 ##### r+h+s-d+a- C:\MSOCache

Files Modified Last 7 days :
20-02-2015 01823174 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
20-02-2015 00806704 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
20-02-2015 00722476 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
20-02-2015 00162170 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
20-02-2015 00135592 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
19-02-2015 00591776 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT

Files Created Last 7 days :
19-02-2015 01018880 r-h-s-d-a+ C:\Windows\system32\termsrv.dll
14-02-2015 16874496 r-h-s-d-a+ C:\Windows\system32\Windows.UI.Xaml.dll
14-02-2015 12730880 r-h-s-d-a+ C:\Windows\SysWOW64\Windows.UI.Xaml.dll
14-02-2015 06041600 r-h-s-d-a+ C:\Windows\system32\jscript9.dll
14-02-2015 04300800 r-h-s-d-a+ C:\Windows\SysWOW64\jscript9.dll
14-02-2015 03607040 r-h-s-d-a+ C:\Windows\SysWOW64\msi.dll
14-02-2015 03465216 r-h-s-d-a+ C:\Windows\system32\wuaueng.dll
14-02-2015 03320320 r-h-s-d-a+ C:\Windows\system32\msi.dll
14-02-2015 02773504 r-h-s-d-a+ C:\Windows\system32\authui.dll
14-02-2015 02574208 r-h-s-d-a+ C:\Windows\system32\WMVDECOD.DLL
14-02-2015 02459136 r-h-s-d-a+ C:\Windows\SysWOW64\authui.dll
14-02-2015 02410976 r-h-s-d-a+ C:\Windows\SysWOW64\WMVDECOD.DLL
14-02-2015 02397184 r-h-s-d-a+ C:\Windows\system32\storagewmi.dll
14-02-2015 02389504 r-h-s-d-a+ C:\Windows\system32\d3d10warp.dll
14-02-2015 02145472 r-h-s-d-a+ C:\Windows\SysWOW64\mfcore.dll
14-02-2015 02141920 r-h-s-d-a+ C:\Windows\system32\mfcore.dll
14-02-2015 02100736 r-h-s-d-a+ C:\Windows\system32\SystemSettingsAdminFlowUI.dll
14-02-2015 02071552 r-h-s-d-a+ C:\Windows\SysWOW64\d3d10warp.dll
14-02-2015 02050560 r-h-s-d-a+ C:\Windows\system32\SRH.dll
14-02-2015 01992192 r-h-s-d-a+ C:\Windows\system32\XpsPrint.dll
14-02-2015 01970432 r-h-s-d-a+ C:\Windows\system32\crypt32.dll 14-02-2015 01844224 r-h-s-d-a+ C:\Windows\system32\Display.dll 14-02-2015 01817088 r-h-s-d-a+ C:\Windows\SysWOW64\Display.dll 14-02-2015 01741824 r-h-s-d-a+ C:\Windows\SysWOW64\SRH.dll 14-02-2015 01705472 r-h-s-d-a+ C:\Windows\system32\wucltux.dll 14-02-2015 01660048 r-h-s-d-a+ C:\Windows\system32\winload.efi 14-02-2015 01656832 r-h-s-d-a+ C:\Windows\system32\GdiPlus.dll 14-02-2015 01612992 r-h-s-d-a+ C:\Windows\SysWOW64\crypt32.dll 14-02-2015 01600000 r-h-s-d-a+ C:\Windows\system32\workfolderssvc.dll 14-02-2015 01532416 r-h-s-d-a+ C:\Windows\system32\wlansvc.dll 14-02-2015 01519560 r-h-s-d-a+ C:\Windows\system32\winload.exe 14-02-2015 01519488 r-h-s-d-a+ C:\Windows\system32\user32.dll 14-02-2015 01488008 r-h-s-d-a+ C:\Windows\system32\winresume.efi 14-02-2015 01487976 r-h-s-d-a+ C:\Windows\system32\sppobjs.dll 14-02-2015 01463808 r-h-s-d-a+ C:\Windows\system32\wsecedit.dll 14-02-2015 01404416 r-h-s-d-a+ C:\Windows\SysWOW64\storagewmi.dll 14-02-2015 01356840 r-h-s-d-a+ C:\Windows\system32\winresume.exe 14-02-2015 01351168 r-h-s-d-a+ C:\Windows\SysWOW64\GdiPlus.dll 14-02-2015 01346048 r-h-s-d-a+ C:\Windows\SysWOW64\user32.dll 14-02-2015 01319936 r-h-s-d-a+ C:\Windows\SysWOW64\wsecedit.dll 14-02-2015 01290752 r-h-s-d-a+ C:\Windows\SysWOW64\XpsPrint.dll 14-02-2015 01287680 r-h-s-d-a+ C:\Windows\system32\mispace.dll 14-02-2015 01261056 r-h-s-d-a+ C:\Windows\system32\gpsvc.dll 14-02-2015 01231872 r-h-s-d-a+ C:\Windows\system32\Windows.Media.dll 14-02-2015 01182208 r-h-s-d-a+ C:\Windows\system32\printui.dll 14-02-2015 01144320 r-h-s-d-a+ C:\Windows\system32\wwanmm.dll 14-02-2015 01091072 r-h-s-d-a+ C:\Windows\system32\MrmCoreR.dll 14-02-2015 01089024 r-h-s-d-a+ C:\Windows\system32\gpedit.dll 14-02-2015 01057792 r-h-s-d-a+ C:\Windows\SysWOW64\printui.dll 14-02-2015 01048064 r-h-s-d-a+ C:\Windows\SysWOW64\gpedit.dll 14-02-2015 01029632 r-h-s-d-a+ C:\Windows\SysWOW64\mispace.dll 14-02-2015 01018368 r-h-s-d-a+ 
C:\Windows\system32\aclui.dll 14-02-2015 00889856 r-h-s-d-a+ C:\Windows\SysWOW64\aclui.dll 14-02-2015 00889344 r-h-s-d-a+ C:\Windows\SysWOW64\Windows.Media.dll 14-02-2015 00882136 r-h-s-d-a+ C:\Windows\system32\mfplat.dll 14-02-2015 00878592 r-h-s-d-a+ C:\Windows\system32\ActionCenter.dll 14-02-2015 00834560 r-h-s-d-a+ C:\Windows\system32\osk.exe 14-02-2015 00832512 r-h-s-d-a+ C:\Windows\SysWOW64\ActionCenter.dll 14-02-2015 00828416 r-h-s-d-a+ C:\Windows\system32\wuapi.dll 14-02-2015 00795136 r-h-s-d-a+ C:\Windows\system32\spoolsv.exe 14-02-2015 00790528 r-h-s-d-a+ C:\Windows\SysWOW64\MrmCoreR.dll 14-02-2015 00788680 r-h-s-d-a+ C:\Windows\system32\oleaut32.dll 14-02-2015 00779264 r-h-s-d-a+ C:\Windows\SysWOW64\osk.exe 14-02-2015 00770048 r-h-s-d-a+ C:\Windows\system32\WorkfoldersControl.dll 14-02-2015 00721408 r-h-s-d-a+ C:\Windows\system32\twinapi.dll 14-02-2015 00707536 r-h-s-d-a+ C:\Windows\SysWOW64\mfplat.dll 14-02-2015 00667136 r-h-s-d-a+ C:\Windows\SysWOW64\wuapi.dll 14-02-2015 00659968 r-h-s-d-a+ C:\Windows\system32\Windows.Devices.Bluetooth.dll 14-02-2015 00645592 r-h-s-d-a+ C:\Windows\system32\SHCore.dll 14-02-2015 00621056 r-h-s-d-a+ C:\Windows\system32\comdlg32.dll 14-02-2015 00602776 r-h-s-d-a+ C:\Windows\SysWOW64\oleaut32.dll 14-02-2015 00595456 r-h-s-d-a+ C:\Windows\system32\Windows.Networking.dll 14-02-2015 00576512 r-h-s-d-a+ C:\Windows\system32\SettingSync.dll 14-02-2015 00557056 r-h-s-d-a+ C:\Windows\system32\PrintDialogs.dll 14-02-2015 00544768 r-h-s-d-a+ C:\Windows\system32\AppxPackaging.dll 14-02-2015 00540672 r-h-s-d-a+ C:\Windows\SysWOW64\comdlg32.dll 14-02-2015 00513544 r-h-s-d-a+ C:\Windows\SysWOW64\locale.nls 14-02-2015 00513544 r-h-s-d-a+ C:\Windows\system32\locale.nls 14-02-2015 00505344 r-h-s-d-a+ C:\Windows\system32\VAN.dll 14-02-2015 00492032 r-h-s-d-a+ C:\Windows\SysWOW64\PrintDialogs.dll 14-02-2015 00487936 r-h-s-d-a+ C:\Windows\system32\winspool.drv 14-02-2015 00486744 r-h-s-d-a+ C:\Windows\system32\netcfgx.dll 14-02-2015 00477200 
r-h-s-d-a+ C:\Windows\SysWOW64\SHCore.dll 14-02-2015 00474112 r-h-s-d-a+ C:\Windows\SysWOW64\AppxPackaging.dll 14-02-2015 00459264 r-h-s-d-a+ C:\Windows\SysWOW64\SettingSync.dll 14-02-2015 00449536 r-h-s-d-a+ C:\Windows\system32\defragsvc.dll 14-02-2015 00448000 r-h-s-d-a+ C:\Windows\SysWOW64\VAN.dll 14-02-2015 00443904 r-h-s-d-a+ C:\Windows\system32\wlansec.dll 14-02-2015 00439296 r-h-s-d-a+ C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 14-02-2015 00432640 r-h-s-d-a+ C:\Windows\system32\wwanconn.dll 14-02-2015 00432128 r-h-s-d-a+ C:\Windows\SysWOW64\Windows.Networking.dll 14-02-2015 00428032 r-h-s-d-a+ C:\Windows\system32\msihnd.dll 14-02-2015 00427008 r-h-s-d-a+ C:\Windows\system32\clusapi.dll 14-02-2015 00391526 r-h-s-d-a+ C:\Windows\system32\ApnDatabase.xml 14-02-2015 00391000 r-h-s-d-a+ C:\Windows\SysWOW64\netcfgx.dll 14-02-2015 00388608 r-h-s-d-a+ C:\Windows\system32\WUSettingsProvider.dll 14-02-2015 00387896 r-h-s-d-a+ C:\Windows\system32\bcryptprimitives.dll 14-02-2015 00371712 r-h-s-d-a+ C:\Windows\SysWOW64\winspool.drv 14-02-2015 00371200 r-h-s-d-a+ C:\Windows\system32\wlanmsm.dll 14-02-2015 00360480 r-h-s-d-a+ C:\Windows\system32\mfreadwrite.dll 14-02-2015 00356864 r-h-s-d-a+ C:\Windows\system32\conhost.exe 14-02-2015 00355800 r-h-s-d-a+ C:\Windows\SysWOW64\mfreadwrite.dll 14-02-2015 00335680 r-h-s-d-a+ C:\Windows\SysWOW64\bcryptprimitives.dll 14-02-2015 00325120 r-h-s-d-a+ C:\Windows\SysWOW64\msihnd.dll 14-02-2015 00324096 r-h-s-d-a+ C:\Windows\system32\srvsvc.dll 14-02-2015 00321536 r-h-s-d-a+ C:\Windows\system32\stobject.dll 14-02-2015 00313856 r-h-s-d-a+ C:\Windows\SysWOW64\clusapi.dll 14-02-2015 00308224 r-h-s-d-a+ C:\Windows\system32\wusa.exe 14-02-2015 00305152 r-h-s-d-a+ C:\Windows\SysWOW64\wusa.exe 14-02-2015 00302080 r-h-s-d-a+ C:\Windows\SysWOW64\wlanmsm.dll 14-02-2015 00296960 r-h-s-d-a+ C:\Windows\system32\wlanapi.dll 14-02-2015 00288768 r-h-s-d-a+ C:\Windows\SysWOW64\stobject.dll 14-02-2015 00287232 r-h-s-d-a+ 
C:\Windows\system32\usbmon.dll 14-02-2015 00268288 r-h-s-d-a+ C:\Windows\system32\wisp.dll 14-02-2015 00263400 r-h-s-d-a+ C:\Windows\system32\SystemSettingsAdminFlows.exe 14-02-2015 00233888 r-h-s-d-a+ C:\Windows\system32\mfps.dll 14-02-2015 00230400 r-h-s-d-a+ C:\Windows\SysWOW64\wlanapi.dll 14-02-2015 00226816 r-h-s-d-a+ C:\Windows\system32\WebClnt.dll 14-02-2015 00226304 r-h-s-d-a+ C:\Windows\system32\SndVolSSO.dll 14-02-2015 00220160 r-h-s-d-a+ C:\Windows\system32\iasnap.dll 14-02-2015 00216368 r-h-s-d-a+ C:\Windows\system32\rsaenh.dll 14-02-2015 00211216 r-h-s-d-a+ C:\Windows\system32\SndVol.exe 14-02-2015 00210944 r-h-s-d-a+ C:\Windows\SysWOW64\wisp.dll 14-02-2015 00207360 r-h-s-d-a+ C:\Windows\system32\powercfg.cpl 14-02-2015 00206336 r-h-s-d-a+ C:\Windows\SysWOW64\powercfg.cpl 14-02-2015 00205512 r-h-s-d-a+ C:\Windows\system32\mftranscode.dll 14-02-2015 00198656 r-h-s-d-a+ C:\Windows\SysWOW64\WebClnt.dll 14-02-2015 00189016 r-h-s-d-a+ C:\Windows\SysWOW64\rsaenh.dll 14-02-2015 00187392 r-h-s-d-a+ C:\Windows\system32\WorkFoldersShell.dll 14-02-2015 00183808 r-h-s-d-a+ C:\Windows\system32\Defrag.exe 14-02-2015 00180720 r-h-s-d-a+ C:\Windows\SysWOW64\mftranscode.dll 14-02-2015 00180208 r-h-s-d-a+ C:\Windows\SysWOW64\SndVol.exe 14-02-2015 00168960 r-h-s-d-a+ C:\Windows\SysWOW64\iasnap.dll 14-02-2015 00160600 r-h-s-d-a+ C:\Windows\system32\winmmbase.dll 14-02-2015 00134144 r-h-s-d-a+ C:\Windows\system32\browser.dll 14-02-2015 00128568 r-h-s-d-a+ C:\Windows\SysWOW64\winmm.dll 14-02-2015 00127544 r-h-s-d-a+ C:\Windows\SysWOW64\winmmbase.dll 14-02-2015 00127488 r-h-s-d-a+ C:\Windows\system32\WiFiDisplay.dll 14-02-2015 00125472 r-h-s-d-a+ C:\Windows\system32\dwmapi.dll 14-02-2015 00123920 r-h-s-d-a+ C:\Windows\system32\winmm.dll 14-02-2015 00117248 r-h-s-d-a+ C:\Windows\system32\AppxSip.dll 14-02-2015 00116032 r-h-s-d-a+ C:\Windows\system32\consent.exe 14-02-2015 00110080 r-h-s-d-a+ C:\Windows\system32\appinfo.dll 14-02-2015 00105472 r-h-s-d-a+ 
C:\Windows\system32\BluetoothApis.dll 14-02-2015 00102912 r-h-s-d-a+ C:\Windows\system32\wcmcsp.dll 14-02-2015 00098048 r-h-s-d-a+ C:\Windows\SysWOW64\dwmapi.dll 14-02-2015 00095232 r-h-s-d-a+ C:\Windows\SysWOW64\AppxSip.dll 14-02-2015 00093696 r-h-s-d-a+ C:\Windows\system32\wudriver.dll 14-02-2015 00092160 r-h-s-d-a+ C:\Windows\system32\dab.dll 14-02-2015 00086688 r-h-s-d-a+ C:\Windows\system32\mrt_map.dll 14-02-2015 00084480 r-h-s-d-a+ C:\Windows\system32\wpdbusenum.dll 14-02-2015 00080896 r-h-s-d-a+ C:\Windows\SysWOW64\wudriver.dll 14-02-2015 00080032 r-h-s-d-a+ C:\Windows\SysWOW64\mrt_map.dll 14-02-2015 00079872 r-h-s-d-a+ C:\Windows\SysWOW64\BluetoothApis.dll 14-02-2015 00065536 r-h-s-d-a+ C:\Windows\system32\WorkFoldersGPExt.dll 14-02-2015 00063488 r-h-s-d-a+ C:\Windows\system32\wshbth.dll 14-02-2015 00059392 r-h-s-d-a+ C:\Windows\system32\wups.dll 14-02-2015 00054752 r-h-s-d-a+ C:\Windows\system32\wuauclt.exe 14-02-2015 00053248 r-h-s-d-a+ C:\Windows\system32\AppxSysprep.dll 14-02-2015 00051200 r-h-s-d-a+ C:\Windows\SysWOW64\wshbth.dll 14-02-2015 00050688 r-h-s-d-a+ C:\Windows\system32\wups2.dll 14-02-2015 00034304 r-h-s-d-a+ C:\Windows\system32\DeviceSetupStatusProvider.dll 14-02-2015 00028672 r-h-s-d-a+ C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll 14-02-2015 00028320 r-h-s-d-a+ C:\Windows\system32\mrt100.dll 14-02-2015 00026784 r-h-s-d-a+ C:\Windows\SysWOW64\mrt100.dll 14-02-2015 00026112 r-h-s-d-a+ C:\Windows\SysWOW64\wups.dll 14-02-2015 00018432 r-h-s-d-a+ C:\Windows\system32\wlansvcpal.dll 14-02-2015 00014336 r-h-s-d-a+ C:\Windows\system32\winshfhc.dll 14-02-2015 00012800 r-h-s-d-a+ C:\Windows\SysWOW64\winshfhc.dll 14-02-2015 00008192 r-h-s-d-a+ C:\Windows\SysWOW64\KBDRUM.DLL 14-02-2015 00008192 r-h-s-d-a+ C:\Windows\system32\KBDRUM.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\SysWOW64\KBDYAK.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\SysWOW64\KBDTT102.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\SysWOW64\KBDTAT.DLL 14-02-2015 00007168 
r-h-s-d-a+ C:\Windows\SysWOW64\KBDRU1.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\SysWOW64\KBDBASH.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\system32\KBDYAK.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\system32\KBDTT102.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\system32\KBDTAT.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\system32\KBDRU1.DLL 14-02-2015 00007168 r-h-s-d-a+ C:\Windows\system32\KBDBASH.DLL 14-02-2015 00006656 r-h-s-d-a+ C:\Windows\SysWOW64\KBDRU.DLL 14-02-2015 00006656 r-h-s-d-a+ C:\Windows\system32\KBDRU.DLL ==================== RUNNING PROCESSES ========================================= [AdobeARM] -Marijn- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - (Adobe Systems Incorporated) [armsvc] -SYSTEM- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated) [audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe) [avgui] -Marijn- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.) [avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.) [BTHSAmpPalService] -SYSTEM- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe - (Intel Corporation) [BTHSSecurityMgr] -SYSTEM- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe - (Intel(R) Corporation) [conhost] -SYSTEM- C:\Windows\system32\conhost.exe - (Microsoft Corporation) [CSISYN~1] -Marijn- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE - (Microsoft Corporation) [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe) [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe) [ctfmon] -Marijn- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation) [dasHost] -LOCAL SERVICE- C:\Windows\system32\dashost.exe - (Microsoft Corporation) [devmonsrv] -SYSTEM- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe - (Motorola Solutions, Inc.) 
[dllhost] -LOCAL SERVICE- C:\Windows\system32\DllHost.exe - (Microsoft Corporation) [dllhost] -LOCAL SERVICE- C:\Windows\SysWOW64\DllHost.exe - (Microsoft Corporation) [dllhost] -SYSTEM- C:\Windows\system32\DllHost.exe - (Microsoft Corporation) [dwm] -DWM-1- C:\Windows\system32\dwm.exe - (Microsoft Corporation) [E-Peek 1.9.9.0] -Marijn- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev) [esrv_svc] -SYSTEM- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe - (Intel Corporation) [EvtEng] -SYSTEM- C:\Program Files\Intel\WiFi\bin\EvtEng.exe - (Intel(R) Corporation) [explorer] -Marijn- C:\Windows\Explorer.EXE - (Microsoft Corporation) [firefox] -Marijn- C:\Program Files (x86)\Mozilla Firefox\firefox.exe - (Mozilla Corporation) [GamesAppIntegrationService] -SYSTEM- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe - (WildTangent) [HeciServer] -SYSTEM- c:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation) [hkcmd] -Marijn- C:\Windows\System32\hkcmd.exe - (Intel Corporation) [ibtrksrv] -SYSTEM- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe - (Intel Corporation) [igfxpers] -Marijn- C:\Windows\System32\igfxpers.exe - (Intel Corporation) [igfxsrvc] -Marijn- C:\Windows\system32\igfxsrvc.exe - (Intel Corporation) [igfxtray] -Marijn- C:\Windows\System32\igfxtray.exe - (Intel Corporation) [IntelMeFWService] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe - (Intel Corporation) [iSCTAgent] -SYSTEM- c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe - () [iSCTsysTray8] -Marijn- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe - (Intel Corporation) [jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation) [listener] -Marijn- C:\Program Files\Sony\VAIO Care\listener.exe - () [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) 
Management Engine Components\LMS\LMS.exe - (Intel Corporation) [lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation) [McAPExe] -SYSTEM- C:\Program Files\McAfee\MSC\McAPExe.exe - (McAfee, Inc.) [mcsacore] -SYSTEM- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe - (McAfee, Inc.) [mcshield] -SYSTEM- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe - (McAfee, Inc.) [McSvHost] -SYSTEM- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe - (McAfee, Inc.) [McUICnt] -Marijn- C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe - (McAfee, Inc.) [mfefire] -SYSTEM- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - (McAfee, Inc.) [mfevtps] -SYSTEM- C:\Windows\system32\mfevtps.exe - (McAfee, Inc.) [msiexec] -SYSTEM- C:\Windows\system32\msiexec.exe - (Microsoft Corporation) [MSOSYNC] -Marijn- C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe - (Microsoft Corporation) [NetworkClient] -Marijn- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE - (Sony Corporation) [obexsrv] -SYSTEM- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe - (Motorola Solutions, Inc.) 
[PhotoshopElementsFileAgent] -SYSTEM- c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe - (Adobe Systems Incorporated) [PMBDeviceInfoProvider] -SYSTEM- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe - (Sony Corporation) [PMBVolumeWatcher] -Marijn- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe - (Sony Corporation) [RAVBg64] -Marijn- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor) [RegSrvc] -SYSTEM- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - (Intel(R) Corporation) [rundll32] -Marijn- C:\Windows\System32\rundll32.exe - (Microsoft Corporation) [rundll32] -SYSTEM- C:\Windows\system32\rundll32.exe - (Microsoft Corporation) [rundll32] -SYSTEM- C:\Windows\SysWOW64\rundll32.exe - (Microsoft Corporation) [SearchFilterHost] -SYSTEM- C:\Windows\system32\SearchFilterHost.exe - (Microsoft Corporation) [SearchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation) [SearchProtocolHost] -SYSTEM- C:\Windows\system32\SearchProtocolHost.exe - (Microsoft Corporation) [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe) [SettingSyncHost] -Marijn- C:\Windows\System32\SettingSyncHost.exe - (Microsoft Corporation) [SkyDrive] -Marijn- C:\Windows\System32\skydrive.exe - (Microsoft Corporation) [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe) [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation) [SUSSoundProxy] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe - (Sony Corporation) [SynTPEnh] -Marijn- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated) [SynTPHelper] -Marijn- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE - (Synaptics Incorporated) [System] -N/A- - (System) [taskhostex] -Marijn- C:\Windows\system32\taskhostex.exe - (Microsoft Corporation) [TiWorker] -SYSTEM- 
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe - (Microsoft Corporation) [TrustedInstaller] -SYSTEM- C:\Windows\servicing\TrustedInstaller.exe - (Microsoft Corporation) [unsecapp] -SYSTEM- C:\Windows\system32\wbem\unsecapp.exe - (Microsoft Corporation) [VAIO Clip] -Marijn- C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe - (Sony Corporation) [VAIOUpdt] -Marijn- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe - (Sony Corporation) [VCAgent] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCAgent.exe - (Sony Corporation) [VCPerfService] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCPerfService.exe - (Intel Corporation) [VCService] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCService.exe - (Sony Corporation) [VCSystemTray] -Marijn- C:\Program Files\Sony\VAIO Care\VCSystemTray.exe - (Sony Corporation) [VESMgr] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe - (Sony Corporation) [VESMgrSub] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe - (Sony Corporation) [VESMgrSub] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe - (Sony Corporation) [vim] -Marijn- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe - (Sony Corporation) [vim] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe - (Sony Corporation) [VUAgent] -SYSTEM- C:\Program Files\Sony\VAIO Update\VUAgent.exe - (Sony Corporation) [wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation) [winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation) [wlanext] -SYSTEM- C:\Windows\system32\WLANExt.exe - (Microsoft Corporation) [WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation) [WmiPrvSE] -SYSTEM- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation) [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation) [WUDFHost] -LOCAL 
SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation) [ZeroConfigService] -SYSTEM- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe - (Intel® Corporation) ==================== IE PAGES ================================================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main Start Page = about:blank Local Page = C:\Windows\SysWOW64\blank.htm Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} DisplayName = @ieframe.dll,-12512 URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==================== IE PAGES x64 ============================================== HKLM\Software\Microsoft\Internet Explorer\Main Start Page = about:blank Local Page = C:\Windows\System32\blank.htm Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\SearchScopes DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} DisplayName = @ieframe.dll,-12512 URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==================== Auto Load ================================================= HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = userinit.exe Shell = explorer.exe ==================== Auto Load x64 ============================================= HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\Windows\system32\userinit.exe, Shell = explorer.exe 
==================== Firefox =================================================== FF - ProfilePath - C:\Users\Marijn\AppData\Roaming\Mozilla\firefox\Profiles\ooo1wrh2.default-1424354465315 FF - Ext: [Default 35.0.1 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True FF - Ext: [McAfee SiteAdvisor 3.7.2 ] - extension - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} visible: True active: False FF - PlugIn: [Adobe® Flash® Player 16.0.0.305 Plugin] - C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll FF - PlugIn: [Java™ Deployment Toolkit] - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll FF - PlugIn: [Oracle® Java™ Plug-In] - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll FF - PlugIn: [McAfee Total Protection] - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ==================== Windows Host File ========================================= ==================== BHO ======================================================= HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Default = Lync Browser Helper => HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\InProcServer32 Default = C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper => HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Default = Microsoft SkyDrive Pro Browser Helper => HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\InProcServer32 Default = C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper => 
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll ==================== BHO x64 =================================================== HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Default = Lync Browser Helper => HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\InProcServer32 Default = C:\Program Files\Microsoft Office\Office15\OCHelper.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper => HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files\Java\jre7\bin\ssv.dll {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Default = Microsoft SkyDrive Pro Browser Helper => HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\InProcServer32 Default = C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper => HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files\Java\jre7\bin\jp2ssv.dll ==================== Auto Start Programs ======================================= HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run Adobe ARM = "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY mcpltui_exe = "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey PMBVolumeWatcher = "C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" ==================== Auto Start Programs x64 =================================== HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx AdobeAAMUpdater-1.0 = "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" BTMTrayAgent = 
rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HotKeysCmds = "C:\Windows\system32\hkcmd.exe" IgfxTray = "C:\Windows\system32\igfxtray.exe" Persistence = "C:\Windows\system32\igfxpers.exe" RtHDVBg = "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled] AdobeAAMUpdater-1.0 = 2 BTMTrayAgent = 2 HotKeysCmds = 2 IgfxTray = 2 Persistence = 2 RtHDVBg = 2 Adobe ARM = 2 mcpltui_exe = 2 PMBVolumeWatcher = 2 ISCTSystray.lnk = 2 CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ==================== Extra Items IE ============================================ HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia HKCU\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\InProcServer32 => HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\InProcServer32 {B164E929-A1B6-4A06-B104-2CD0E90A88FF} = c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ==================== Extra Items IE x64 ======================================== HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility HKLM\SOFTWARE\Microsoft\Internet 
Explorer\AdvancedOptions\BROWSE @ Text = Browsing HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia ==================== Internet Default Prefix =================================== HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix Default = http:// HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes WWW = http:// ==================== Internet Default Prefix x64 =============================== HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix Default = http:// HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes WWW = http:// ==================== Protocol Hijackers ======================================== HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\dssrequest CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5} => SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll # MD5 [8b0c03962c3f938221ab850ddc9415e1] HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\osf CLSID = {D924BDC6-C83A-4BD5-90D0-095128A113D1} => SOFTWARE\Classes\\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL # MD5 [405251ed82d69e5893f1e7e923b7f38b] HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\sacore CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5} => SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll # MD5 [8b0c03962c3f938221ab850ddc9415e1] HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\application/x-mfe-ipt CLSID = {3EF5086B-5478-4598-A054-786C45D75692} => 
SOFTWARE\Classes\\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}\InProcServer32 @ Default = c:\PROGRA~2\mcafee\msc\mcsniepl.dll <= Unknown
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml CLSID = {807583E5-5146-11D5-A672-00B0D022E945} => SOFTWARE\Classes\\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown
==================== Protocol Hijackers x64 ====================================
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5} => SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll # MD5 [b08b1cbe7e9d8d80d8d58cac36e4d19d]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\sacore CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5} => SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll # MD5 [b08b1cbe7e9d8d80d8d58cac36e4d19d]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-mfe-ipt CLSID = {3EF5086B-5478-4598-A054-786C45D75692} => SOFTWARE\Classes\\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}\InProcServer32 @ Default = c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL <= Unknown
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml CLSID = {807583E5-5146-11D5-A672-00B0D022E945} => SOFTWARE\Classes\\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown
==================== ShellServiceObjectDelayLoad ===============================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]
==================== ShellServiceObjectDelayLoad x64 =========================
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]
==================== Extra (Torpig/ConduitSearch) ==============================
HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D} => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\Windows\system32\shell32.dll
HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6} => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\Windows\system32\ntshrui.dll
==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [AdobeActiveFileMonitor12.0] - Adobe Active File Monitor V12 - c:\program files (x86)\adobe\elements 12 organizer\photoshopelementsfileagent.exe
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [AMPPALR3] - Intel® Centrino® Wireless Bluetooth® + High Speed Service - c:\program files\intel\bluetoothhs\bthsamppalservice.exe
SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
SERV - R2 - [Bluetooth Device Monitor] - Bluetooth Device Monitor - c:\program files (x86)\intel\bluetooth\devmonsrv.exe
SERV - R2 - [Bluetooth OBEX Service] - Bluetooth OBEX Service - c:\program files (x86)\intel\bluetooth\obexsrv.exe
SERV - R2 - [BTHSSecurityMgr] - Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service - c:\program files\intel\bluetoothhs\bthssecuritymgr.exe
SERV - R2 - [EvtEng] - Intel(R) PROSet/Wireless Event Log - c:\program files\intel\wifi\bin\evteng.exe
SERV - R2 - [GamesAppIntegrationService] - GamesAppIntegrationService - c:\program files (x86)\wildtangent games\app\gamesappintegrationservice.exe
SERV - R2 - [Intel(R) Capability
Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
SERV - R2 - [Intel(R) Wireless Bluetooth(R) 4.0 Radio Management] - Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - c:\program files (x86)\intel\bluetooth\ibtrksrv.exe
SERV - R2 - [ISCTAgent] - Intel(R) Smart Connect Technology Agent - c:\program files\intel\intel(r) smart connect technology agent\isctagent.exe
SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
SERV - R2 - [McAfee SiteAdvisor Service] - McAfee SiteAdvisor Service - c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe
SERV - R2 - [McAPExe] - McAfee AP Service - c:\program files\mcafee\msc\mcapexe.exe
SERV - R2 - [mfecore] - McAfee Anti-Malware Core - c:\program files\common files\mcafee\amcore\mcshield.exe
SERV - R2 - [mfefire] - McAfee Firewall Core Service - c:\program files\common files\mcafee\systemcore\\mfefire.exe
SERV - R2 - [mfevtp] - McAfee Validation Trust Protection Service - c:\windows\system32\mfevtps.exe
SERV - R2 - [PMBDeviceInfoProvider] - PMBDeviceInfoProvider - c:\program files (x86)\sony\playmemories home\pmbdeviceinfoprovider.exe
SERV - R2 - [RegSrvc] - Intel(R) PROSet/Wireless Registry Service - c:\program files\common files\intel\wirelesscommon\regsrvc.exe
SERV - R2 - [SampleCollector] - Intel(R) System Behavior Tracker Collector Service - c:\program files\sony\vaio care\vcperfservice.exe
SERV - R2 - [VAIO Event Service] - VAIO Event Service - c:\program files (x86)\sony\vaio control
center\vesmgr.exe
SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R2 - [ZeroConfigService] - Intel(R) PROSet/Wireless Zero Configuration Service - c:\program files\intel\wifi\bin\zeroconfigservice.exe
SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - R3 - [VCService] - VCService - c:\program files\sony\vaio care\vcservice.exe
SERV - R3 - [VUAgent] - VUAgent - c:\program files\sony\vaio update\vuagent.exe
SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
SERV - S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe
SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
SERV - S3 - [McAWFwk] - McAfee Activation Service -
c:\progra~1\common~1\mcafee\actwiz\mcawfwk.exe
SERV - S3 - [McComponentHostServiceSony] - McAfee Security Scan Component Host Service for Sony - c:\program files (x86)\sony\mss\3.0.318\mcchsvc.exe
SERV - S3 - [McODS] - McAfee Scanner - c:\program files\mcafee\virusscan\mcods.exe
SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - c:\program files\intel\wifi\bin\pandhcpdns.exe
SERV - S3 - [NetworkSupport] - NetworkSupport - c:\program files (x86)\sony\vaio control center\networksetting\networksupport.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [SOHCImp] - VAIO Content Importer - c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe
SERV - S3 - [SOHDms] - Sony Digital Media Server - c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe
SERV - S3 - [SOHDs] - Sony Device Searcher - c:\program files (x86)\common files\sony shared\sohlib\sohds.exe
SERV - S3 - [SpfService] - VAIO Entertainment Common Service - c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe
SERV - S3 - [USER_ESRV_SVC] - User Energy Server Service - c:\program files\sony\vaio care\esrv\esrv_svc.exe
SERV - S3 - [VCFw] - VAIO Content Folder Watcher - c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV -
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
*** Win32ShareProcess ***
SERV - R2 - [HomeNetSvc] - McAfee Home Network - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McMPFSvc] - McAfee Personal Firewall Service - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McNaiAnn] - McAfee VirusScan Announcer - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McOobeSv2] - McAfee OOBE Service2 - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [mcpltsvc] - McAfee Platform Services - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McProxy] - McAfee Proxy Service - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [MSK80Service] - McAfee Anti-Spam Service - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe
*** File System Driver ***
DRV - R0 - [AVGIDSHA]
- AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys
DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys
DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys
DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys
DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
*** Kernel Driver ***
DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys
DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys
DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\disk.sys
DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys
DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
DRV - R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys
DRV - R0 - [IntelHSWPcc] - IntelHSWPcc - C:\Windows\system32\Drivers\IntelHSWPcc.sys [x]
DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\Windows\system32\Drivers\intelpep.sys
DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
DRV - R0 -
[mfehidk] - McAfee Inc. mfehidk - C:\Windows\system32\Drivers\mfehidk.sys
DRV - R0 - [mfewfpk] - McAfee Inc. mfewfpk - C:\Windows\system32\Drivers\mfewfpk.sys
DRV - R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys
DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
DRV - R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys
DRV - R0 - [PxHlpa64] - PxHlpa64 - C:\Windows\system32\Drivers\PxHlpa64.sys
DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\Windows\system32\Drivers\spaceport.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys
DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys
DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility -
C:\Windows\system32\Drivers\tcpipreg.sys
DRV - S0 - [Avgboota] - AVG Early Launch Anti-Malware Driver - C:\Windows\system32\Drivers\Avgboota.sys
DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
DRV - S0 - [mfeelamk] - McAfee Inc. mfeelamk - C:\Windows\system32\Drivers\mfeelamk.sys
DRV - S3 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys
==================== SvcHost - White Listed ====================================
WOW x64 - All Ok
==================== SvcHost x64 - White Listed ================================
All Ok
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== SigCheck x64 Fast =========================================
Fast Scan All ok
==================== Job tasks at C:\Windows\Tasks =============================
C:\Windows\Tasks\Adobe Flash Player Updater.job 940 bytes [ 10-2-2015 09:46:50 ]
C:\Windows\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]
==================== Job tasks at C:\Windows\system32\Tasks ====================
C:\Windows\system32\Tasks\Adobe Flash Player Updater 3828 bytes [ 10-2-2015 09:46:50 ] => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\Tasks\avayvxvaxc 3464 bytes [ 19-2-2015 10:03:24 ] => C:\Users\Marijn\AppData\Local\avayvxvaxc\avayvxvaxc.exe
C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for MARIJN-Marijn Marijn 5042 bytes [ 14-2-2015 13:48:11 ] => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe
C:\Windows\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1055516172-3465606866-4218568685-1001 3094 bytes [ 12-2-2015 09:27:57 ] => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1055516172-3465606866-4218568685-1001 3598 bytes [ 9-2-2015 22:26:04 ]
C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements 2990 bytes [ 8-3-2014 04:50:29 ] => "C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\Tasks\USER_ESRV_SVC 3160 bytes [ 8-3-2014 05:38:20 ] => "C:\Windows\System32\Wscript.exe"
C:\Windows\system32\Tasks\User_Feed_Synchronization-{C53C57B3-911D-407B-822F-4FE059699A5F} 3954 bytes [ 10-2-2015 09:09:50 ] => C:\Windows\system32\msfeedssync.exe
==================== Job tasks at C:\Windows\SysWOW64\Tasks ====================
There are no .job files found.
==================== End scanning at vr 20 feb 2015 16:41 (0 Min 19 Sec ) ======