Scweez

Member
  • Posts

    69

About Scweez

  • Birthday 15-11-1986

  1. Yes, I bought 2 memory sticks. I'm going to work on it this coming weekend. Thanks for the help.
  2. The steps in your link refer me to the restore points. I can't find a setting that disables automatic backups. I haven't made a copy to a storage medium yet, maybe an idea for the future. But my C drive has a capacity of +/- 51 GB. Of that, 18 GB is photos and documents. What is the rest used by? The operating system and the few programs I have would then take up 30 GB. I find that strange. But I will then move photos over to a USB stick. Thanks.
  3. I saw your link; that is how I deleted the restore points except the most recent one. On my C drive there are only photos and documents totalling 19 GB. I have no music or films.
  4. I only see in the backup centre that Windows automatically creates restore points and stores them on the C drive. Does this take up that much space? And how can I remove this? Edit: I have since found it via Disk Cleanup. Now I have 3 GB of free space, which is still far too little.
  5. I have had CCleaner analyse and clean several times but still no more disk space, on the contrary...
  6. Speed is fine. But what can I do about my disk space? Now I suddenly have only 1.5 GB left and nothing at all has been installed. I have attached a screenshot.
  7. Attached is the AdwCleaner log file. What I find strange is that I have only 2 GB of disk space left on my C drive while I only have 18 GB of photos and otherwise have no heavy programs installed. AdwCleanerS0.txt
  8. Thanks for the reply. Attached is the log file. zoek-results.log
  9. Hello, can someone help me clean up this laptop? Recently the web pages have been loading very slowly, etc. I made an HJT log. Thanks in advance and happy holidays!
[2012-07-26 83184] R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 378608] R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2013-06-01 327936] R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys [2012-11-06 560640] R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640] R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys [2012-07-26 29696] R1 Beep;Beep; C:\Windows\system32\drivers\Beep.sys [2012-07-26 7680] R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys [2012-07-26 174080] R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536] R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys [2012-07-26 118784] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2012-07-26 50688] R1 dtsoftbus01;@oem29.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2013-07-01 283200] R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2012-07-26 26112] R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys [2012-07-26 37616] R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2012-07-26 46080] R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys [2012-07-26 331776] R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2012-07-26 49152] R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys [2012-07-26 23552] R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2012-07-26 34304] R1 
Null;Null; C:\Windows\system32\drivers\Null.sys [2012-07-26 5632] R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2012-07-26 145408] R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520] R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2012-07-26 117248] R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416] R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2012-07-26 134144] R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520] R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys [2012-07-26 97792] R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2013-04-09 805376] R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848] R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2012-07-26 23040] R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2012-07-26 45056] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-08-20 10280960] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-08-20 368640] R3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624] R3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-13 88728] R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-08-20 3618304] R3 AtiHDAudioService;@oem18.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2012-08-20 98472] R3 
bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2012-07-26 101888] R3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-13 344216] R3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-13 114840] R3 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-13 33944] R3 BTATH_HCRP;@oem13.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-13 178840] R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-13 76952] R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-13 135832] R3 BTATH_VDP;@oem17.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\Windows\system32\drivers\btath_vdp.sys [2012-08-13 427416] R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-13 567808] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752] R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys [2012-07-26 25600] R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys [2012-07-26 36352] R3 condrv;Console Driver; 
C:\Windows\System32\drivers\condrv.sys [2012-07-26 33792] R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368] R3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2012-07-26 210672] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys [2012-09-20 71168] R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys [2013-05-04 27648] R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys [2013-03-15 861184] R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys [2012-07-26 112640] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-20 4102928] R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys [2012-11-06 89088] R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys [2012-07-26 48368] R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2012-07-26 21376] R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784] R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-08 179664] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-08 310224] R3 mfefirek;McAfee Inc. 
mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-08 519064] R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver-service; C:\Windows\System32\drivers\monitor.sys [2013-03-01 30720] R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys [2012-07-26 45808] R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys [2013-03-02 26112] R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2012-10-11 74752] R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688] R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552] R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552] R3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704] R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088] R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880] R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080] R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2013-04-09 60416] R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2013-02-02 1933544] R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176] R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608] R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928] R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; 
C:\Windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920] R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672] R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys [2012-07-26 22528] R3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys [2012-07-26 179712] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672] R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-07-30 683664] R3 SensorsSimulatorDriver;@oem35.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656] R3 SFEP;@oem4.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\Windows\System32\drivers\SFEP.sys [2012-07-11 14336] R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-21 43832] R3 SOWS;@oem5.inf,%SOWS%;Sony Wireless State Device; C:\Windows\System32\drivers\sows.sys [2012-06-11 24280] R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys [2012-07-26 416768] R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2013-04-09 623104] R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808] R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys [2012-07-26 13680] R3 SynTP;@oem22.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-08-21 447800] R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys [2013-03-02 148712] R3 
tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\Windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504] R3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys [2013-07-02 213336] R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys [2012-07-26 48128] R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984] R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys [2013-06-29 120832] R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys [2013-07-01 79192] R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Stuurprogramma voor Microsoft USB Standaard-hub; C:\Windows\System32\drivers\usbhub.sys [2013-07-01 623448] R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys [2013-07-02 447320] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560] R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS [2013-07-02 337752] R4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544] S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys [2012-07-26 106736] S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys [2012-07-26 492272] S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys [2012-07-26 340720] S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys [2012-07-26 184048] S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys [2012-07-26 63216] S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys [2012-07-26 76016] S0 amdsbs;amdsbs; 
C:\Windows\System32\drivers\amdsbs.sys [2012-07-26 258288] S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys [2012-07-26 26352] S0 arc;arc; C:\Windows\System32\drivers\arc.sys [2012-07-26 104688] S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys [2012-07-26 108272] S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 25840] S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys [2012-09-20 533224] S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys [2012-09-20 3265256] S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904] S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys [2012-07-26 66800] S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [2012-07-26 64752] S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2012-07-26 24816] S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys [2012-07-26 411888] S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys [2012-07-26 45296] S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys [2012-07-26 18672] S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys [2012-07-26 22256] S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [2012-07-26 108784] S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400] S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976] S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [2012-07-26 81136] S0 
megasas;megasas; C:\Windows\System32\drivers\megasas.sys [2012-07-26 51952] S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys [2012-07-26 353008] S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys [2012-07-26 64240] S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys [2012-07-26 52464] S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys [2012-07-26 125168] S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys [2012-07-26 150256] S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys [2012-07-26 168176] S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 14064] S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 237808] S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys [2012-07-26 107760] S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784] S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [2012-07-26 81648] S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys [2012-07-26 30960] S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys [2013-03-02 77544] S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160] S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys [2012-07-26 37992] S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys [2012-07-26 65776] S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys [2012-07-26 66800] S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys [2012-07-26 19184] S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys [2012-07-26 137832] S0 vsmraid;vsmraid; C:\Windows\System32\drivers\vsmraid.sys [2012-07-26 164080] S0 
VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\Windows\System32\drivers\vstxraid.sys [2012-07-26 322800] S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys [2013-08-16 58200] S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys [2012-07-26 226304] S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys [2012-07-26 10240] S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys [2012-07-26 12288] S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys [2012-07-26 10752] S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys [2012-11-06 90624] S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys [2012-11-06 88064] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2012-07-26 79360] S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632] S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200] S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952] S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys [2012-07-26 65536] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040] S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys 
[2012-07-26 45056] S3 dg_ssudbus;@oem32.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448] S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys [2012-07-26 33280] S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2012-10-11 5632] S3 e1yexpress;@net1yx64.inf,%E1YExpress.Service.DispName%;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2012-06-02 283136] S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys [2012-07-26 10240] S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2012-07-26 194560] S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys [2012-07-26 30720] S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2012-07-26 34816] S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys [2012-07-26 24576] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2012-07-26 57584] S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys [2012-11-06 22528] S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys [2012-07-26 12288] S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys [2013-07-09 120144] S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2013-06-26 341504] S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys 
[2012-07-26 27136] S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys [2013-04-09 95744] S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys [2012-11-20 39936] S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys [2012-07-26 46080] S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [2012-07-26 11776] S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576] S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088] S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336] S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2012-07-26 145920] S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys [2012-07-26 17920] S3 iscFlash;iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{39035736-5CDA-4D8E-B4CD-B41423B2C0A4}\iscflashx64.sys [] S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys [2012-11-06 277736] S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys [2012-07-26 29184] S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2012-07-26 40448] S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys [2012-07-26 141312] S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2012-07-26 129536] S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904] S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys [2012-07-26 10752] S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming 
Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008] S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608] S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168] S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2012-07-26 6912] S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2012-07-26 390896] S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2012-07-26 8192] S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys [2012-07-26 14848] S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592] S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464] S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080] S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-06-28 13546344] S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys [2012-07-26 105984] S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys [2012-11-06 87552] S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2012-07-26 46592] S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384] S3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-07-26 208384] S3 RSPCIESTOR;@oem20.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2012-08-07 339600] S3 
  11. Replying no longer works... the page keeps loading when I paste a large piece of text.

      Logfile of random's system information tool 1.09 (written by random/random)
      Run by Kenny at 2013-10-16 15:02:26
      Microsoft Windows 8
      System drive C: has 326 GB (48%) free of 677 GB
      Total RAM: 6091 MB (69% free)

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 15:02:27, on 16/10/2013
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v10.0 (10.00.9200.16537)
      Boot mode: Normal
C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe" "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 "C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe" /platui "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "&" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 & Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" 
"/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files\Sony\VAIO Update\VUAgent.exe" C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529} C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0 "C:\Program Files\Windows Defender\MsMpEng.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files\Sony\VAIO Improvement\vim.exe" -System "C:\Program Files\Sony\VAIO Improvement\vim.exe" -User "C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding "C:\Program Files\Sony\VAIO Care\VCService.exe" "C:\Program Files\Sony\VAIO Care\VCAgent.exe" "C:\Windows\system32\wwahost.exe" -ServerName:SonyCorporation.VAIOMessageCenter.wwa C:\Windows\System32\vds.exe "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:267521 /prefetch:2 "C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:3806563 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:1316304 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1957883420-1083450386-1349748412-100130_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1957883420-1083450386-1349748412-100130 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 588 592 600 65536 596 
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Kenny\Desktop\RSITx64.exe" - - - Updated - - - ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default prefs.js - "browser.startup.homepage" - "http://www.google.be/" prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX] "Description"=Canon My Image Garden "Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] "Description"=This plugin updates Intel WebAPI component "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\SysWOW64\npDeployJava1.dll 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App V2 Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ yahoo.xml C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\extensions\ support@predictad.com toolbar@ask.com - - - Updated - - - ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-04 545264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}] CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-13 64640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 
SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-04 193520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-04 453104] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{876d9f09-c6d6-4324-a2cc-04dd9a4de12f}] Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26 74888] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-04 157680] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608] "BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-13 764032] "BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-13 127616] "BCSSync"=C:\Program Files\Microsoft 
Office\Office14\BCSSync.exe [2010-03-13 112512] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Pro Agent"=C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe -autorun [] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] "AdobeBridge"= [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216] "ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2012-08-18 68776] "PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-07-27 724576] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 38112] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352] "Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896] "mcpltui_exe"=C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [2013-08-17 644656] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-15 152392] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312] "beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup [] "NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe 
[2010-03-26 1234216]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Parental Controls.lnk - C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1
- - - Updated - - -
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
Every time I click 'quick reply', a message appears: 'Are you sure you want to leave this page?'
  12. And finally, the HitmanPro log file.
C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1115596_100000346344870_533842328_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[3].htm -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\371049_100001335441826_1273431978_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\ss_v3.7c_728x90[1].swf -76.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\bg_ms_300250[1].png -75.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\GN8QV23N.txt -75.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\r[2].gif -75.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -75.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -75.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZQ4TLMB.txt -75.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\thirdpartretargeting[3].gif -75.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YXV9I0KM.txt -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bga_728x90_ss_1[1].swf -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\72890_ss[1].jpg -75.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DMBDPP9.txt -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\r[1].gif -75.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\cta_1_ss[1].swf -74.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\JA222J06N-502@1.1[1].jpg 
-74.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\SE622J01B-513@1.1[1].jpg -73.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\SE622J00I-I00@1.1[1].jpg -70.5s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B2564122-31D1-11E3-BEE3-083E8EB6BC90}.dat -70.4s C:\Users\Kenny\AppData\Local\Temp\Low\REGB167.tmp -69.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\__utm[4].gif -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1699-280x280[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1698-180x110[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\1691-180x110[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\Mixmash-Radio-180x110[1].jpg -68.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\sharethis_counter2[1].png -68.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\5092658564345193620[1].gif -68.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8OUGN58.txt -67.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CDOATKZ.txt -67.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y9DYCT5C.txt -67.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\z_v3.7c_728x90[1].swf -67.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\234a6140b599047b8686e87b1b2a1552_f[1].png -67.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\5-8201_PO_Continental_300x250_FR[1].swf -67.0s 
C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\72890_n[1].jpg -66.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV644YXX.txt -66.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -66.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -59.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\pap[1].swf -32.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\__utm[5].gif -31.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\NVB34DU4.txt -31.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\blogo[1].jpg -31.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\download3[1].jpg -28.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{CB42C4BE-31D1-11E3-BEE3-083E8EB6BC90}.dat -28.5s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -28.5s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -26.7s 
C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1694-180x110[1].jpg -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1693-180x110[1].jpg -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CL3AYT1P.txt -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\d3af36d8391aea778a3c50358b01a57b_f[1].png -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[2].htm -25.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8L1Q8T5.txt -25.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0I97ITVN.txt -25.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\4PCAK1Y6.txt -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -21.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Low\Content.IE5\1MZ33TWS\css[1].css -20.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\logo[1].png -20.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\2013[1].zip -20.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\impression[1].gif -19.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\EEQ9F00H.txt -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\tusfiles%20728x90[1].gif -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\set-action-cookie[1].gif -19.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\SQM2PNXW.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\emily[1].htm -18.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0YQ0G6LZ.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -18.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\PVB8CWTF.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\__utm[1].gif -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\set-16[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\post-native[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -18.4s 
C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKBUSA0S.txt -18.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CH96EZX1.txt -18.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\UFYOO4TN.txt -17.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\FECH0EO8.txt -17.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOX5Q922.txt -16.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -16.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -16.6s C:\Users\Kenny\AppData\Local\Temp\Low\REG8417.tmp -16.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VQ68MXJN.txt -16.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4MGBEJ1.txt -15.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\style[1].css -15.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJKK8OLF.txt -15.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -15.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -15.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -15.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q58KCYG9.txt -14.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\ms-partner[1].png -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img[1].jpg -14.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE3DW1W1.txt -14.8s 
C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img2[1].jpg -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img3[1].jpg -14.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ep[1].png -14.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img4[1].jpg -14.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -14.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\cnet[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\waves[1].jpg -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -14.2s 
C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -14.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5F9Z7X4D.txt -13.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\373AA1E44F5B933F81294FE7DF9AE44E -13.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\373AA1E44F5B933F81294FE7DF9AE44E -11.9s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -11.8s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -11.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\dot_clear[1].gif -9.8s C:\Users\Kenny\AppData\Local\Temp\Low\REG9E58.tmp -8.9s C:\Users\Kenny\AppData\Local\Temp\REGA20D.tmp -0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.5s C:\Windows\Prefetch\JP2LAUNCHER.EXE-8BC39A4D.pf 0.7s C:\Windows\Prefetch\JAVA.EXE-F26CFF01.pf 1.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 1.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 5.8s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\7613A2335EE754712DF5669B660851D0 8.3s C:\ProgramData\Microsoft\Windows 
Defender\Scans\History\Store\922E2AB342E0D0C1180B322081FAAF27 11.0s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47.idx 11.0s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47 16.1s C:\Windows\Prefetch\REGSVR32.EXE-614DD671.pf 17.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{4BCD87B5-ED25-4569-810B-FE7C55E163ED} 25.9s C:\Windows\Prefetch\HBTAWQRVTGMHPNXTUCD.EXE-1597411A.pf 26.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1957883420-1083450386-1349748412-1001\7a723920be415a36e743df6c9728c362_6d3a7bb4-40b6-43a3-8088-81143c6d0db7 29.6s C:\Windows\Prefetch\SVCHOST.EXE-9332ECDC.pf 38.8s C:\Users\Kenny\AppData\Local\Temp\Low\zKEDYGOoOxl 39.6s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\bookmarkbackups\bookmarks-2013-10-10.json 39.8s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\localstore.rdf 42.4s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\Data\Tor\state C:\Users\Kenny\AppData\Local\Temp\tmp.exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 112.0 C:\Users\Kenny\AppData\Local\Temp\tmp5C91.tmp.exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . 
: WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 117.0 C:\Users\Kenny\Downloads\Mixed In Key v2.5 (Full)\Mixed-In-Key v2.5.exe -> Deleted Size . . . . . . . : 1 851 034 bytes Age . . . . . . . : 102.2 days (2013-06-30 17:31:14) Entropy . . . . . : 8.0 SHA-256 . . . . . : D3E063EB2DA91A6A0A274334B608FA035A3FE833D508009C81310C28FB7AEDBE Product . . . . . : Mixed In Key Publisher . . . . : Mixed In Key LLC > G Data . . . . . . : MemScan:Trojan.Generic.2203227 > Ikarus . . . . . . : Trojan.Win32.Comame!IK > Kaspersky . . . . : Trojan.Win32.Chifrax.d Fuzzy . . . . . . : 111.0 C:\Users\Kenny\Downloads\Wondershare QuizCreator 4.2.1.1 Software\Keygen\keygen.exe -> Quarantined Size . . . . . . . : 59 392 bytes Age . . . . . . . : 172.5 days (2013-04-21 10:34:37) Entropy . . . . . : 7.9 SHA-256 . . . . . : 81231F6696A2AAB86B079628197AEEDC00C155DF563D7F41760B6917C5889429 > Ikarus . . . . . . : possible-Threat.Keygen.Core!IK Fuzzy . . . . . . : 118.0 C:\Users\Kenny\Downloads\Xilisoft.Video.Converter.Ultimate.v7.7.2.20130217.Incl.Keygen-BRD\Keygen\Keygen.exe -> Quarantined Size . . . . . . . : 78 848 bytes Age . . . . . . . : 47.2 days (2013-08-24 16:47:26) Entropy . . . . . : 7.8 SHA-256 . . . . . : 78058079D249AD132C0FF56BEDBFB2616B3D0315839916054E52446AC472AB5C > Ikarus . . . . . . : Backdoor.Win32.Hupigon!IK Fuzzy . . . . . . : 114.0 Suspicious files ____________________________________________________________ C:\Users\Kenny\Desktop\Ine\vb5\TOOLS\MSIE\MSIE301.EXE Size . . . . . . . : 5 585 256 bytes Age . . . . . . . : 55.5 days (2013-08-16 10:02:49) Entropy . . . . . : 8.0 SHA-256 . . . . . : 3E19AFC892335BBB4D4784A2D07793C3D9E374D18131D6CB6D853ECB889F311D Product . . . . . : Microsoft Internet Explorer 3.0 Publisher . . . 
. : Microsoft Corporation Description . . . : Microsoft Internet Explorer 3.0 Version . . . . . : 4.70.0.1215 Copyright . . . . : Copyright © Microsoft Corp. 1995-1996 RSA Key Size . . . : 1024 Authenticode . . . : Invalid Fuzzy . . . . . . : 23.0 Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Potential Unwanted Programs _________________________________________________ C:\Program Files (x86)\Ask.com\ (AskBar) C:\Program Files (x86)\Ask.com\cobrand.ico (AskBar) C:\Program Files (x86)\Ask.com\config.xml (AskBar) C:\Program Files (x86)\Ask.com\favicon.ico (AskBar) C:\Program Files (x86)\Ask.com\mupcfg.xml (AskBar) C:\Users\Kenny\Local Settings\Temp\AskSearch\ (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1043.MST (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe (AskBar) Size . . . . . . . : 102 400 bytes Age . . . . . . . : 39.2 days (2013-09-01 16:02:02) Entropy . . . . . : 6.1 SHA-256 . . . . . : EA345C1A9C45D94F6D1A71FBBBEEF52F68054DEA36B93B1285B0207261DEF846 Product . . . . . : InstallShield Publisher . . . . : Acresso Software Inc. Description . . . : InstallShield Version . . . . . : 15.0.498 Copyright . . . . : Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved. Fuzzy . . . . . . 
: 0.0 HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar) HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar) HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar) 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\AppDataLow\AskToolbarInfo\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Ask.com\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\AskTB5.6 (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Softonic\ (Softonic) Cookies _____________________________________________________________________ C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\IHVD8U7W.txt 
C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\PXTEMPEB.txt C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\YE2JCXEC.txt C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\cookies.sqlite:atdmt.com C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\cookies.sqlite:serving-sys.com
  13. Here is the Malwarebytes log...
  14. In the meantime I did manage to run a System Restore, after which the virus was gone. I then installed Malwarebytes and HitmanPro. They are scanning right now. I also made an HJT log. Could someone take a look at it? I will post the Malwarebytes log shortly.

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 21:07:53, on 10/10/2013
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v10.0 (10.00.9200.16688)
      FIREFOX: 23.0.1 (nl)
      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
      C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
      C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
      C:\Windows\SysWOW64\mdm.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Users\Kenny\Downloads\HijackThis.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=userinit.exe
      O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
      O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
      O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
      O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
      O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
      O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      O4 - HKCU\..\Run: [Adober.exe] "C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe"
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
      O4 - Global Startup: McAfee Parental Controls.lnk = C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
      O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
      O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
      O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
      O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
      O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
      O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
      O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
      O23 - Service: McAfee Content Filter (mfeicfcoreocp) - McAfee, Inc. - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
      O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
      O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: VAIO Care Performance Service (SampleCollector) - Unknown owner - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
      O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
      O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
      O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
      O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
      O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
      O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

      --
      End of file - 14521 bytes
  15. Hello, after starting up my laptop I get the police virus window. Because I have Windows 8, I can now no longer boot into safe mode either. Can someone help me remove this? Thanks.