E-Peek v 1.9.9.0 © Emphyrio/Onsia Patrick 2013-2015 [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url]
Run at zo 1 mrt 2015 18:23
.
Windows 8.1 Professional (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Firefox 35.0.1 (x86 nl)
Boot mode: Normal boot
User logged in: Marijn
.
Java x86: 1.7.0_45
Java x64: 1.7.0_45
.
AV : McAfee Antivirus en antispyware [Updated - Not Running]
AV : Windows Defender [Updated - Not Running]
AV : AVG AntiVirus 2015 [Updated - Not Running]
AS : McAfee Antivirus en antispyware [Updated - Not Running]
AS : Windows Defender [Updated - Not Running]
AS : AVG AntiVirus 2015 [Updated - Not Running]
FW :
FW : McAfee Firewall [Updated - Running]
.

==================== Files and Folders history =================================
Folders Created Last 7 days :
01-03-2015 ##### r-h-s-d+a- C:\ProgramData\Avg_Update_0215avt
Files Modified Last 7 days :
01-03-2015 01823174 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
01-03-2015 00806704 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
01-03-2015 00722476 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
01-03-2015 00162170 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
01-03-2015 00135592 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
Files Created Last 7 days :

==================== RUNNING PROCESSES =========================================
[AppleMobileDeviceService] -SYSTEM- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - (Apple Inc.)
[ApplePhotoStreams] -Marijn- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe - (Apple Inc.)
[APSDaemon] -Marijn- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - (Apple Inc.)
[armsvc] -SYSTEM- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
[avgui] -Marijn- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.)
[avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)
[BTHSAmpPalService] -SYSTEM- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe - (Intel Corporation)
[BTHSSecurityMgr] -SYSTEM- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe - (Intel(R) Corporation)
[conhost] -SYSTEM- C:\Windows\system32\conhost.exe - (Microsoft Corporation)
[CSISYN~1] -Marijn- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE - (Microsoft Corporation)
[csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
[csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
[ctfmon] -Marijn- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation)
[dasHost] -LOCAL SERVICE- C:\Windows\system32\dashost.exe - (Microsoft Corporation)
[devmonsrv] -SYSTEM- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe - (Motorola Solutions, Inc.)
[dllhost] -LOCAL SERVICE- C:\Windows\system32\DllHost.exe - (Microsoft Corporation)
[dllhost] -LOCAL SERVICE- C:\Windows\SysWOW64\DllHost.exe - (Microsoft Corporation)
[dllhost] -Marijn- C:\Windows\system32\DllHost.exe - (Microsoft Corporation)
[dllhost] -SYSTEM- C:\Windows\system32\DllHost.exe - (Microsoft Corporation)
[dwm] -DWM-3- C:\Windows\System32\dwm.exe - (Microsoft Corporation)
[E-Peek 1.9.9.0] -Marijn- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
[esrv_svc] -SYSTEM- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe - (Intel Corporation)
[EvtEng] -SYSTEM- C:\Program Files\Intel\WiFi\bin\EvtEng.exe - (Intel(R) Corporation)
[explorer] -Marijn- C:\Windows\Explorer.EXE - (Microsoft Corporation)
[firefox] -Marijn- C:\Program Files (x86)\Mozilla Firefox\firefox.exe - (Mozilla Corporation)
[GamesAppIntegrationService] -SYSTEM- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe - (WildTangent)
[HeciServer] -SYSTEM- c:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
[hkcmd] -Marijn- C:\Windows\System32\hkcmd.exe - (Intel Corporation)
[ibtrksrv] -SYSTEM- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe - (Intel Corporation)
[iCloudDrive] -Marijn- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe - (Apple Inc.)
[iCloudServices] -Marijn- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe - (Apple Inc.)
[igfxpers] -Marijn- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
[igfxsrvc] -Marijn- C:\Windows\system32\igfxsrvc.exe - (Intel Corporation)
[igfxtray] -Marijn- C:\Windows\System32\igfxtray.exe - (Intel Corporation)
[IntelMeFWService] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe - (Intel Corporation)
[iPodService] -SYSTEM- C:\Program Files\iPod\bin\iPodService.exe - (Apple Inc.)
[iSCTAgent] -SYSTEM- c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe - ()
[iSCTsysTray8] -Marijn- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe - (Intel Corporation)
[iTunesHelper] -Marijn- C:\Program Files\iTunes\iTunesHelper.exe - (Apple Inc.)
[jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
[listener] -Marijn- C:\Program Files\Sony\VAIO Care\listener.exe - ()
[livecomm] -Marijn- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe - (Microsoft Corporation)
[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
[lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
[mbamscheduler] -SYSTEM- C:\Users\Marijn\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe - ()
[mbamservice] -SYSTEM- C:\Users\Marijn\Desktop\Malwarebytes Anti-Malware\mbamservice.exe - ()
[McAPExe] -SYSTEM- C:\Program Files\McAfee\MSC\McAPExe.exe - (McAfee, Inc.)
[mcsacore] -SYSTEM- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe - (McAfee, Inc.)
[mcshield] -SYSTEM- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe - (McAfee, Inc.)
[McSvHost] -SYSTEM- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe - (McAfee, Inc.)
[McUICnt] -Marijn- C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe - (McAfee, Inc.)
[mDNSResponder] -SYSTEM- C:\Program Files\Bonjour\mDNSResponder.exe - (Apple Inc.)
[mfefire] -SYSTEM- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - (McAfee, Inc.)
[mfevtps] -SYSTEM- C:\Windows\system32\mfevtps.exe - (McAfee, Inc.)
[MSOSYNC] -Marijn- C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe - (Microsoft Corporation)
[NetworkClient] -Marijn- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE - (Sony Corporation)
[obexsrv] -SYSTEM- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe - (Motorola Solutions, Inc.)
[PhotoshopElementsFileAgent] -SYSTEM- c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe - (Adobe Systems Incorporated)
[PMBDeviceInfoProvider] -SYSTEM- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe - (Sony Corporation)
[PMBVolumeWatcher] -Marijn- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe - (Sony Corporation)
[RAVBg64] -Marijn- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)
[RegSrvc] -SYSTEM- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - (Intel(R) Corporation)
[rundll32] -Marijn- C:\Windows\System32\rundll32.exe - (Microsoft Corporation)
[rundll32] -SYSTEM- C:\Windows\system32\rundll32.exe - (Microsoft Corporation)
[rundll32] -SYSTEM- C:\Windows\SysWOW64\rundll32.exe - (Microsoft Corporation)
[RuntimeBroker] -Marijn- C:\Windows\System32\RuntimeBroker.exe - (Microsoft Corporation)
[SearchFilterHost] -SYSTEM- C:\Windows\system32\SearchFilterHost.exe - (Microsoft Corporation)
[SearchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[SearchProtocolHost] -SYSTEM- C:\Windows\system32\SearchProtocolHost.exe - (Microsoft Corporation)
[services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
[SettingSyncHost] -Marijn- C:\Windows\System32\SettingSyncHost.exe - (Microsoft Corporation)
[SkyDrive] -Marijn- C:\Windows\System32\skydrive.exe - (Microsoft Corporation)
[smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
[spotify] -Marijn- C:\Users\Marijn\AppData\Roaming\Spotify\spotify.exe - (Spotify Ltd)
[SpotifyHelper] -Marijn- C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyHelper.exe - ()
[SpotifyHelper] -Marijn- C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyHelper.exe - ()
[SpotifyHelper] -Marijn- C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyHelper.exe - ()
[SpotifyHelper] -Marijn- C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyHelper.exe - ()
[SpotifyWebHelper] -Marijn- C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe - (Spotify Ltd)
[SUSSoundProxy] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe - (Sony Corporation)
[SynTPEnh] -Marijn- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated)
[SynTPHelper] -Marijn- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE - (Synaptics Incorporated)
[System] -N/A- - (System)
[taskhostex] -Marijn- C:\Windows\system32\taskhostex.exe - (Microsoft Corporation)
[unsecapp] -SYSTEM- C:\Windows\system32\wbem\unsecapp.exe - (Microsoft Corporation)
[VAIO Clip] -Marijn- C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe - (Sony Corporation)
[VAIOUpdt] -Marijn- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe - (Sony Corporation)
[VCAgent] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCAgent.exe - (Sony Corporation)
[VCPerfService] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCPerfService.exe - (Intel Corporation)
[VCService] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCService.exe - (Sony Corporation)
[VESMgr] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe - (Sony Corporation)
[VESMgrSub] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe - (Sony Corporation)
[VESMgrSub] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe - (Sony Corporation)
[vim] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe - (Sony Corporation)
[VUAgent] -SYSTEM- C:\Program Files\Sony\VAIO Update\VUAgent.exe - (Sony Corporation)
[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEM- C:\Windows\System32\WinLogon.exe - (Microsoft Corporation)
[wlanext] -SYSTEM- C:\Windows\system32\WLANExt.exe - (Microsoft Corporation)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[WmiPrvSE] -SYSTEM- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)
[ZeroConfigService] -SYSTEM- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe - (Intel® Corporation)

==================== IE PAGES ==================================================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
Start Page = about:blank
Local Page = C:\Windows\SysWOW64\blank.htm
Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
DisplayName = @ieframe.dll,-12512
URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

==================== IE PAGES x64 ==============================================
HKLM\Software\Microsoft\Internet Explorer\Main
Start Page = about:blank
Local Page = C:\Windows\System32\blank.htm
Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\SearchScopes
DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
DisplayName = @ieframe.dll,-12512
URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

==================== Auto Load =================================================
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = userinit.exe,
Shell = explorer.exe

==================== Auto Load x64 =============================================
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\Windows\system32\userinit.exe,
Shell = explorer.exe

==================== Firefox ===================================================
FF - ProfilePath - C:\Users\Marijn\AppData\Roaming\Mozilla\firefox\Profiles\ooo1wrh2.default-1424354465315
FF - Ext: [Default 35.0.1 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True
FF - Ext: [McAfee SiteAdvisor 3.7.2 ] - extension - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} visible: True active: False
FF - Ext: [iCloud Bookmarks 1.4.14 ] - extension - firefoxdav@icloud.com visible: True active: True
FF - PlugIn: [Adobe® Flash® Player 16.0.0.305 Plugin] - C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
FF - PlugIn: [Java™ Deployment Toolkit] - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
FF - PlugIn: [Oracle® Java™ Plug-In] - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
FF - PlugIn: [McAfee Total Protection] - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

==================== Windows Host File =========================================

==================== BHO =======================================================
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Default = Lync Browser Helper
=> HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\InProcServer32 Default = C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper
=> HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Default = Microsoft SkyDrive Pro Browser Helper
=> HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\InProcServer32 Default = C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9}
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper
=> HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

==================== BHO x64 ===================================================
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Default = Lync Browser Helper
=> HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\InProcServer32 Default = C:\Program Files\Microsoft Office\Office15\OCHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper
=> HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files\Java\jre7\bin\ssv.dll
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Default = Microsoft SkyDrive Pro Browser Helper
=> HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\InProcServer32 Default = C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9}
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper
=> HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files\Java\jre7\bin\jp2ssv.dll

==================== Auto Start Programs =======================================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Adobe ARM = "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mcpltui_exe = "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
PMBVolumeWatcher = "C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
ApplePhotoStreams = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
iCloudDrive = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
iCloudServices = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Spotify = "C:\Users\Marijn\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
Spotify Web Helper = "C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== Auto Start Programs x64 ===================================
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
AdobeAAMUpdater-1.0 = "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
BTMTrayAgent = rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HotKeysCmds = "C:\Windows\system32\hkcmd.exe"
IgfxTray = "C:\Windows\system32\igfxtray.exe"
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
Persistence = "C:\Windows\system32\igfxpers.exe"
RtHDVBg = "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
AdobeAAMUpdater-1.0 = 2
BTMTrayAgent = 2
HotKeysCmds = 2
IgfxTray = 2
Persistence = 2
RtHDVBg = 2
Adobe ARM = 2
mcpltui_exe = 2
PMBVolumeWatcher = 2
ISCTSystray.lnk = 2
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ApplePhotoStreams = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
iCloudDrive = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
iCloudServices = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Spotify = "C:\Users\Marijn\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
Spotify Web Helper = "C:\Users\Marijn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk

==================== Extra Items IE ============================================
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
HKCU\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\InProcServer32 => HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\InProcServer32
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} = c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

==================== Extra Items IE x64 ========================================
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

==================== Internet Default Prefix ===================================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
Default = http://
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
WWW = http://

==================== Internet Default Prefix x64 ===============================
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
Default = http://
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
WWW = http://

==================== Protocol Hijackers ========================================
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\dssrequest
CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5}
=> SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll # MD5 [8b0c03962c3f938221ab850ddc9415e1]
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\osf
CLSID = {D924BDC6-C83A-4BD5-90D0-095128A113D1}
=> SOFTWARE\Classes\\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL # MD5 [405251ed82d69e5893f1e7e923b7f38b]
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\sacore
CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5}
=> SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll # MD5 [8b0c03962c3f938221ab850ddc9415e1]
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\application/x-mfe-ipt
CLSID = {3EF5086B-5478-4598-A054-786C45D75692}
=> SOFTWARE\Classes\\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}\InProcServer32 @ Default = c:\PROGRA~2\mcafee\msc\mcsniepl.dll <= Unknown
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
CLSID = {807583E5-5146-11D5-A672-00B0D022E945}
=> SOFTWARE\Classes\\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown

==================== Protocol Hijackers x64 ====================================
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest
CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5}
=> SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll # MD5 [b08b1cbe7e9d8d80d8d58cac36e4d19d]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\sacore
CLSID = {5513F07E-936B-4E52-9B00-067394E91CC5}
=> SOFTWARE\Classes\\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\InProcServer32 @ Default = Unknown # c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll # MD5 [b08b1cbe7e9d8d80d8d58cac36e4d19d]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-mfe-ipt
CLSID = {3EF5086B-5478-4598-A054-786C45D75692}
=> SOFTWARE\Classes\\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}\InProcServer32 @ Default = c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL <= Unknown
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
CLSID = {807583E5-5146-11D5-A672-00B0D022E945}
=> SOFTWARE\Classes\\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown

==================== ShellServiceObjectDelayLoad ===============================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
=> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]

==================== ShellServiceObjectDelayLoad x64 =========================
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
=> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]

==================== Extra (Torpig/ConduitSearch) ==============================
HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
=> HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\Windows\system32\shell32.dll
HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
=> HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\Windows\system32\ntshrui.dll

==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [AdobeActiveFileMonitor12.0] - Adobe Active File Monitor V12 - c:\program files (x86)\adobe\elements 12 organizer\photoshopelementsfileagent.exe
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [AMPPALR3] - Intel® Centrino® Wireless Bluetooth® + High Speed Service - c:\program files\intel\bluetoothhs\bthsamppalservice.exe
SERV - R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
SERV - R2 - [Bluetooth Device Monitor] - Bluetooth Device Monitor - c:\program files (x86)\intel\bluetooth\devmonsrv.exe
SERV - R2 - [Bluetooth OBEX Service] - Bluetooth OBEX Service - c:\program files (x86)\intel\bluetooth\obexsrv.exe
SERV - R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe
SERV - R2 - [BTHSSecurityMgr] - Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service - c:\program files\intel\bluetoothhs\bthssecuritymgr.exe
SERV - R2 - [EvtEng] - Intel(R) PROSet/Wireless Event Log - c:\program files\intel\wifi\bin\evteng.exe
SERV - R2 - [GamesAppIntegrationService] - GamesAppIntegrationService - c:\program files (x86)\wildtangent games\app\gamesappintegrationservice.exe
SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
SERV - R2 - [Intel(R) Wireless Bluetooth(R) 4.0 Radio Management] - Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - c:\program files (x86)\intel\bluetooth\ibtrksrv.exe
SERV - R2 - [ISCTAgent] - Intel(R) Smart Connect Technology Agent - c:\program files\intel\intel(r) smart connect technology agent\isctagent.exe
SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\users\marijn\desktop\malwarebytes anti-malware\mbamscheduler.exe [x]
SERV - R2 - [MBAMService] - MBAMService - c:\users\marijn\desktop\malwarebytes anti-malware\mbamservice.exe [x]
SERV - R2 - [McAfee SiteAdvisor Service] - McAfee SiteAdvisor Service - c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe
SERV - R2 - [McAPExe] - McAfee AP Service - c:\program files\mcafee\msc\mcapexe.exe
SERV - R2 - [mfecore] - McAfee Anti-Malware Core - c:\program files\common files\mcafee\amcore\mcshield.exe
SERV - R2 - [mfefire] - McAfee Firewall Core Service - c:\program files\common files\mcafee\systemcore\\mfefire.exe
SERV - R2 - [mfevtp] - McAfee Validation Trust Protection Service - c:\windows\system32\mfevtps.exe
SERV - R2 - [PMBDeviceInfoProvider] - PMBDeviceInfoProvider - c:\program files (x86)\sony\playmemories home\pmbdeviceinfoprovider.exe
SERV - R2 - [RegSrvc] - Intel(R) PROSet/Wireless Registry Service - c:\program files\common files\intel\wirelesscommon\regsrvc.exe
SERV - R2 - [SampleCollector] - Intel(R) System Behavior Tracker Collector Service - c:\program files\sony\vaio care\vcperfservice.exe
SERV - R2 - [VAIO Event Service] - VAIO Event Service - c:\program files (x86)\sony\vaio control center\vesmgr.exe
SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R2 - [ZeroConfigService] - Intel(R) PROSet/Wireless Zero Configuration Service - c:\program files\intel\wifi\bin\zeroconfigservice.exe
SERV - R3 - [iPod Service] - iPod-service - c:\program files\ipod\bin\ipodservice.exe
SERV - R3 - [VCService] - VCService - c:\program files\sony\vaio care\vcservice.exe
SERV - R3 - [VUAgent] - VUAgent - c:\program files\sony\vaio update\vuagent.exe
SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
SERV - S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe
SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
SERV - S3 - [McAWFwk] - McAfee Activation Service - c:\progra~1\common~1\mcafee\actwiz\mcawfwk.exe
SERV - S3 - [McComponentHostServiceSony] - McAfee Security Scan Component Host Service for Sony - c:\program files (x86)\sony\mss\3.0.318\mcchsvc.exe
SERV - S3 - [McODS] - McAfee Scanner - c:\program files\mcafee\virusscan\mcods.exe
SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - S3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - c:\program files\intel\wifi\bin\pandhcpdns.exe
SERV - S3 - [NetworkSupport] - NetworkSupport - c:\program files (x86)\sony\vaio control center\networksetting\networksupport.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [SOHCImp] - VAIO Content Importer - c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe
SERV - S3 - [SOHDms] - Sony Digital Media Server - c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe
SERV - S3 - [SOHDs] - Sony Device Searcher - c:\program files (x86)\common files\sony shared\sohlib\sohds.exe
SERV - S3 - [SpfService] - VAIO Entertainment Common Service - c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [USER_ESRV_SVC] - User Energy Server Service - c:\program files\sony\vaio care\esrv\esrv_svc.exe
SERV - S3 - [VCFw] - VAIO Content Folder Watcher - c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
*** Win32ShareProcess ***
SERV - R2 - [HomeNetSvc] - McAfee Home Network - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McMPFSvc] - McAfee Personal Firewall Service - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McNaiAnn] - McAfee VirusScan Announcer - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McOobeSv2] - McAfee OOBE Service2 - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [mcpltsvc] - McAfee Platform Services - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [McProxy] - McAfee Proxy Service - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [MSK80Service] - McAfee Anti-Spam Service - c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [Spooler] - Print
Spooler - c:\windows\system32\spoolsv.exe SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\disk.sys DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys DRV - R0 - [IntelHSWPcc] - IntelHSWPcc - C:\Windows\system32\Drivers\IntelHSWPcc.sys [x] DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - 
C:\Windows\system32\Drivers\intelpep.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mfehidk] - McAfee Inc. mfehidk - C:\Windows\system32\Drivers\mfehidk.sys DRV - R0 - [mfewfpk] - McAfee Inc. mfewfpk - C:\Windows\system32\Drivers\mfewfpk.sys DRV - R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys DRV - R0 - [PxHlpa64] - PxHlpa64 - C:\Windows\system32\Drivers\PxHlpa64.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\Windows\system32\Drivers\spaceport.sys DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [Beep] - Beep - 
C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys DRV - S0 - [Avgboota] - AVG Early Launch Anti-Malware Driver - C:\Windows\system32\Drivers\Avgboota.sys DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys DRV - S0 - [mfeelamk] - McAfee Inc. mfeelamk - C:\Windows\system32\Drivers\mfeelamk.sys DRV - S3 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys ==================== SvcHost - White Listed ==================================== WOW x64 - All Ok ==================== SvcHost x64 - White Listed ================================ All Ok ==================== SigCheck x86 Fast ========================================= Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Job tasks at C:\Windows\Tasks ============================= C:\Windows\Tasks\0215avtUpdateInfo.job 348 bytes [ 1-3-2015 11:40:00 ] C:\Windows\Tasks\Adobe Flash Player Updater.job 940 bytes [ 10-2-2015 09:46:50 ] C:\Windows\Tasks\SA.DAT 6 bytes [ 20-2-2015 17:52:14 ] ==================== Job tasks at C:\Windows\system32\Tasks ==================== C:\Windows\system32\Tasks\Adobe Flash Player Updater 3828 bytes [ 10-2-2015 09:46:50 ] => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\system32\Tasks\Apple Diagnostics 3418 bytes [ 20-2-2015 21:54:45 ] => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for MARIJN-Marijn Marijn 5042 bytes [ 14-2-2015 13:48:11 ] => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe C:\Windows\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1055516172-3465606866-4218568685-1001 3094 bytes [ 12-2-2015 09:27:57 ] => 
%localappdata%\Microsoft\SkyDrive\SkyDrive.exe C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1055516172-3465606866-4218568685-1001 3598 bytes [ 9-2-2015 22:26:04 ] C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements 2990 bytes [ 8-3-2014 04:50:29 ] => "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" C:\Windows\system32\Tasks\USER_ESRV_SVC 3160 bytes [ 8-3-2014 05:38:20 ] => "C:\Windows\System32\Wscript.exe" C:\Windows\system32\Tasks\User_Feed_Synchronization-{C53C57B3-911D-407B-822F-4FE059699A5F} 3954 bytes [ 10-2-2015 09:09:50 ] => C:\Windows\system32\msfeedssync.exe ==================== Job tasks at C:\Windows\SysWOW64\Tasks ==================== There are no .job files found. ==================== End scanning at zo 1 mrt 2015 18:23 (0 Min 28 Sec ) =======