Posts made by sjonpol
-
Hello,
since today my parents have been getting the following message: wlmail.exe - toegangspunt niet gevonden
Kan toegangspunt van procedure__crtCreateSymbolicLinkW niet vinden in DLL-bestand C:\Program Files(x86)\SubTap\MSVCP110.dll.
Could you help me as soon as possible so that my parents can view their messages via Live Mail again?
Kind regards,
Kristof
You can reach me by mail at [e-mail address removed].
-
Hello,
thank you very much, my folders have become visible again.
Many thanks to you and Kape for the quick help.
While I'm busy cleaning everything up here anyway: I did notice that my Microsoft Security Essentials still removes the same worms every day. Does that mean they can't be removed completely, or is there a better method to get this resolved?
It concerns Win32/Dorkbot!lnk and Win32/Dorkbot.A.
One last question: is Microsoft Security Essentials actually a good antivirus, and if not, do you have a good (preferably free) alternative, and do you have a suggestion for anti-spyware?
In any case, many thanks again to you and Kape.
You helped me quickly and well. Your forum is highly recommended.
Kind regards,
Kristof
-
Hello,
I forwarded the log to you by mail, but I now do see the shortcuts on my HDDs again, though with an icon as if they are not recognized by any program on my PC. This may already be a step in the right direction, because before I could only see those folders by entering the path in the bar at the top.
Hopefully it will all turn out fine.
Kind regards,
Kristof
-
Hello,
I see no difference from the previous state of the hard drives; the folders are still invisible and that recycler and autorun are still there.
Kind regards,
Kristof
-
Hello,
I have already tried 4 times to send the log, but either the log is too large or something else is wrong.
A message keeps appearing that it is taking too long, more than 30 sec.
Is there another way to send the log?
Kind regards,
Kristof
-
Hello,
yesterday I started the ESET online scan in safe mode 3 times, but each time it got stuck at 55%.
There was no error message and the elapsed scan time kept running, but otherwise nothing more happened.
Can I do something about this, or is there an alternative to this scan that I could try?
Kind regards,
Kristof
-
Hello,
here is the mbam log from another external HDD:
Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 8249
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
27/11/2011 14:40:37
mbam-log-2011-11-27 (14-40-37).txt
Scantype: Volledige scan (I:\|)
Objecten gescand: 217878
Verstreken tijd: 2 uur/uren, 46 minuut/minuten, 7 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 4
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
i:\copy oude hdd laptop\mijn documenten\bittorent\vmware6keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
i:\copy oude hdd laptop\mijn documenten\prog setups\vmware\vmware workstation v5.0.0.13124 keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
i:\Progs\acdsee.v9.0.108.photo.manager.incl.keymaker-core\KEY.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
i:\system volume information\_restore{78788bed-f6fe-4f6f-aafe-fdb5e070a426}\RP615\A0051449.exe (Trojan.Agent) -> Quarantined and deleted successfully.
I should also say that the link to that ESET online scanner does not work for me. Do I then have to run it in safe mode?
And if that is the case, how can I best save my log so that I can send it to you afterwards?
Kind regards,
K
-
Hello,
the situation on the external HDD and USB sticks has at first glance remained the same. On every device there is definitely a recycler folder and an autorun. Some also have a system volume information file. What is the case, though: all the recycler files are the same, I thought.
That folder always contains a 470a1245.exe and a desktop.ini file.
The mbam scan for the other HDD is still running.
Kind regards,
K
-
Hello,
the scan with mbam for that other HDD is in progress, but may I check on the other HDD or USB sticks whether anything has changed?
After all, I thought that every time I connected a new USB mass-storage device, the virus infected that USB device.
If I may check those devices after all, let me know.
Kind regards,
K
-
It took a while before I could continue. Here are the 2 logs. I did still want to ask whether it makes sense to run mbam once more with an external USB HDD connected, because I could not use it during the previous scan?
Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 8249
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
27/11/2011 9:24:07
mbam-log-2011-11-27 (09-24-07).txt
Scantype: Volledige scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Objecten gescand: 361861
Verstreken tijd: 8 uur/uren, 41 minuut/minuten, 21 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 4
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
c:\documents and settings\Kristof\mijn documenten\bittorent\vmware6keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Kristof\mijn documenten\prog setups\vmware\vmware workstation v5.0.0.13124 keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\Kristof\application data\469.tmp.vir (Trojan.Passwords.H) -> Quarantined and deleted successfully.
h:\mijn documenten\prog setups\vmware\vmware workstation v5.0.0.13124 keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:19, on 27/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [spotify] "C:\Documents and Settings\Kristof\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B2245DA-D3E3-46B4-A196-78FA4C899FC7}: NameServer = 83.217.75.130,217.22.50.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 11076 bytes
Kind regards,
K
-
Hello,
thanks in advance for the quick reply, here is the log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:15:02, on 26/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [spotify] "C:\Documents and Settings\Kristof\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B2245DA-D3E3-46B4-A196-78FA4C899FC7}: NameServer = 83.217.75.130,217.22.50.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 11842 bytes
-
Hello,
I'll start by apologizing in case something gets posted in the wrong place, but this is my first time here.
My problem:
I get notifications from Microsoft Security Essentials, namely about dorkbot!lnk and dorkbot.A.
The antivirus claims every time that the worm has been removed, yet it keeps coming back. It does not immediately cause a problem for actually working on my PC or browsing. The biggest problem is that the external HDDs I own and connect to it apparently also get infected. First all my folders became shortcuts, but back then I could still get to all my files that way. Now it has gotten somewhat worse and I only find a recycler folder and possibly one other folder, but I can no longer find anything in them.
Can anyone help me? I wanted to try connecting an empty USB stick to my PC; there too, such a recycler folder and an autorun.inf folder appeared immediately.
If you need more info to help me, feel free to let me know.
Kind regards,
Kristof
windows live mail
in Archive: E-mail programs
Hello,
thanks in advance for your reply. I must say that I got the mail working properly again. To be on the safe side, here is the log file as requested.
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem5.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-11-08 70928]
R3 HIDSwitch;@oem7.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-12-18 3262816]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-10-26 342528]
R3 iwdbus;@oem18.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem6.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS-minipoortstuurprogramma voor Qualcomm Atheros AR81xx PCI-E Ethernet-controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem14.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem4.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-11-02 2606768]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S1 MpKsl26590425;MpKsl26590425; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3E5C60F-4DBC-445A-9566-8DAE0F001D7A}\MpKsl26590425.sys []
S3 intaud_WaveExtensible;@oem17.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;UMDF-reflectorservice voor LocationProvider; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-09-02 1282152]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-17 714208]
R2 MaintainerSvc4.00.5030318;MaintainerSvc4.00.5030318; C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe [2014-11-17 123632]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-04-29 277120]
R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R3 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21 116648]
S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21 116648]
-----------------EOF-----------------
I also wanted to ask another question: it now turns out that on that same PC, ads keep appearing every time something is searched for in Google. Usually it is something like aff.couploss.com...
Kind regards,
K