Scweez
-
Items
69 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Scweez
-
Ja ik heb 2 geheugenstickjes gekocht. Ik ga er mij komend weekend mee bezighouden. Bedankt voor de hulp
-
De gevolgde stappen in jouw link verwijzen mij naar de herstelpunten. Ik vind geen instelling die automatische back-ups uitschakelt. Ik heb nog geen kopie gemaakt naar een gegevensdrager, misschien een ideetje voor de toekomst. Maar mijn C-schijf heeft een capaciteit van +/- 51 GB. Daarvan zijn 18 GB foto's en documenten. Door wat wordt de rest gebruikt? Het besturingssysteem en de weinige programma's die ik heb zouden dan 30 GB in beslag nemen. Vind ik vreemd. Maar ik zal dan wel foto's overzetten naar een USB-stickje. Bedankt.
-
Ik heb jouw link gezien, zo heb ik de herstelpunten verwijderd behalve de meest recente. Op mijn C-schijf staan enkel foto's en documenten van in totaal 19 GB. Ik heb geen muziek of films.
-
Ik zie enkel in het back-upcentrum dat Windows automatisch herstelpunten aanmaakt en opslaat op de C-schijf. Neemt dit zoveel ruimte in beslag? En hoe kan ik dit verwijderen? Edit: Ik heb het inmiddels gevonden via Schijfopruiming. Nu heb ik 3 GB vrije ruimte wat nog altijd veel te weinig is.
-
Ik heb CCleaner meermaals laten analyseren en schoonmaken maar nog niet meer schijfruimte, integendeel...
-
Snelheid is in orde. Maar wat kan ik doen aan mijn schijfruimte? Nu heb ik ineens nog maar 1,5 GB over en er is helemaal niets geïnstalleerd. Ik heb een screenshot toegevoegd in bijlage.
-
In bijlage het logbestand van AdwCleaner. Wat ik raar vind is dat ik maar 2 GB schijfruimte over heb op mijn C-schijf terwijl ik maar 18 GB aan foto"s heb en voor de rest geen zware programma's heb geïnstalleerd. AdwCleanerS0.txt
-
Bedankt voor de reactie. In bijlage het log-bestandje. zoek-results.log
-
Hallo Kan iemand mij helpen met opschonen van deze laptop? Sinds kort laden de internetpagina's heel traag etc. Ik heb een HJT-logje gemaakt: Logfile of random's system information tool 1.10 (written by random/random) Run by Mark at 2014-12-26 12:14:03 Microsoft® Windows Vista™ Home Premium System drive C: has 623 MB (1%) free of 52 GB Total RAM: 1790 MB (31% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:14:07, on 26/12/2014 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Users\Mark\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Mark\Downloads\HijackThis.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Mark\Downloads\RSIT.exe C:\Program Files\trend micro\Mark.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/?a=19en4j0IgVN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: IncrediMail MediaBar Nederlands 2 Toolbar - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: IncrediMail MediaBar Nederlands 2 - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: IncrediMail MediaBar Nederlands 2 Toolbar - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9547 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324e44-4b0a-47a9-8f77-9c6415e51c29}] IncrediMail MediaBar Nederlands 2 Toolbar - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll [2014-09-23 423744] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-03 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-10 1001936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288] {95324e44-4b0a-47a9-8f77-9c6415e51c29} - IncrediMail MediaBar Nederlands 2 Toolbar - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll [2014-09-23 423744] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-03 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-07-27 1006264] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216] "eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-06-11 1286144] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048] "SetPanel"=C:\Acer\APanel\APanel.cmd [] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-08-15 772616] "PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2007-05-24 206952] "Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816] "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] "PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-06-06 159744] "eRecoveryService"= [] "Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [] "MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13556256] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2012-06-29 1232896] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2012-07-04 366536] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-07-21 39408] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.mkdmp3enc"=C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2014-12-26 12:14:04 ----D---- C:\Program Files\trend micro 2014-12-26 12:14:03 ----D---- C:\rsit ======List of files/folders modified in the last 1 month====== 2014-12-26 12:14:06 ----D---- C:\Windows\Prefetch 2014-12-26 12:14:04 ----RD---- C:\Program Files 2014-12-26 12:13:56 ----D---- C:\Windows\Temp 2014-12-26 12:11:06 ----D---- C:\Windows\System32 2014-12-26 12:11:06 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-12-26 12:11:05 ----D---- C:\Windows\inf 2014-12-25 12:15:09 ----SHD---- C:\System Volume Information 2014-12-10 19:39:09 ----SHD---- C:\Windows\Installer 2014-12-10 19:39:04 ----D---- C:\ProgramData\Microsoft Help 2014-12-10 19:22:28 ----D---- C:\Windows\system32\MRT 2014-12-10 19:21:42 ----A---- C:\Windows\system32\mrt.exe 2014-12-10 19:19:23 ----D---- C:\Windows\system32\catroot2 2014-12-10 19:11:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800] R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776] R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680] R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712] R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560] R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-05-17 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-05-17 8192] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-14 154624] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-18 737280] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-05-16 32256] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-05-17 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-05-17 207360] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-18 1841312] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-27 6144] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-07-16 1062304] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7606688] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-05-17 12032] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-07-27 82432] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-02 1749376] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-05-17 659968] S1 MpKsl078a845b;MpKsl078a845b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{871E2A72-64E6-4878-9405-A533E77D5963}\MpKsl078a845b.sys [] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560] S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512] R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576] R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168] R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248] R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 203296] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-23 266343] R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-14 167936] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-05-17 386560] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27 107912] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27 107912] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-01 194032] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- Alvast bedankt en prettige feesten!
-
======List of files/folders created in the last 1 month====== 2013-10-16 13:08:33 ----A---- C:\Windows\system32\FNTCACHE.DAT 2013-10-14 18:26:33 ----D---- C:\rsit 2013-10-14 18:26:33 ----D---- C:\Program Files\trend micro 2013-10-13 11:15:27 ----SHD---- C:\Config.Msi 2013-10-13 11:11:27 ----A---- C:\Windows\system32\comctl32.dll 2013-10-13 11:11:26 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-13 11:11:20 ----A---- C:\Windows\system32\shell32.dll 2013-10-13 11:11:17 ----A---- C:\Windows\SYSWOW64\shell32.dll 2013-10-13 11:11:15 ----A---- C:\Windows\system32\twinui.dll 2013-10-13 11:11:14 ----A---- C:\Windows\SYSWOW64\twinui.dll 2013-10-13 11:11:14 ----A---- C:\Windows\SYSWOW64\msctf.dll 2013-10-13 11:11:14 ----A---- C:\Windows\system32\msctf.dll 2013-10-13 11:11:14 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-13 11:11:02 ----A---- C:\Windows\system32\SettingSync.dll 2013-10-13 11:11:02 ----A---- C:\Windows\system32\authui.dll 2013-10-13 11:11:01 ----A---- C:\Windows\SYSWOW64\SettingSync.dll 2013-10-13 11:11:01 ----A---- C:\Windows\SYSWOW64\mbsmsapi.dll 2013-10-13 11:11:01 ----A---- C:\Windows\SYSWOW64\authui.dll 2013-10-13 11:11:01 ----A---- C:\Windows\system32\shdocvw.dll 2013-10-13 11:11:01 ----A---- C:\Windows\system32\mbsmsapi.dll 2013-10-13 11:11:00 ----A---- C:\Windows\SYSWOW64\shdocvw.dll 2013-10-13 11:11:00 ----A---- C:\Windows\system32\SettingSyncInfo.dll 2013-10-13 11:10:52 ----A---- C:\Windows\SYSWOW64\wvc.dll 2013-10-13 11:10:52 ----A---- C:\Windows\SYSWOW64\wdc.dll 2013-10-13 11:10:52 ----A---- C:\Windows\system32\wvc.dll 2013-10-13 11:10:52 ----A---- C:\Windows\system32\wdc.dll 2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\uxtheme.dll 2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\UXInit.dll 2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-10-13 11:10:49 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-13 11:10:48 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-13 11:10:48 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-10-13 11:10:48 ----A---- C:\Windows\system32\UXInit.dll 2013-10-13 11:10:48 ----A---- C:\Windows\system32\urlmon.dll 2013-10-13 11:10:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-13 11:10:47 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-13 11:10:47 ----A---- C:\Windows\system32\iesetup.dll 2013-10-13 11:10:47 ----A---- C:\Windows\system32\iernonce.dll 2013-10-13 11:10:47 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-13 11:10:46 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-13 11:10:45 ----A---- C:\Windows\system32\uxtheme.dll 2013-10-13 11:10:45 ----A---- C:\Windows\system32\jscript.dll 2013-10-13 11:10:45 ----A---- C:\Windows\system32\ieframe.dll 2013-10-13 11:10:44 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-13 11:10:43 ----A---- C:\Windows\system32\wininet.dll 2013-10-13 11:10:43 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-13 11:10:40 ----A---- C:\Windows\system32\mshtml.dll 2013-10-13 11:10:33 ----A---- C:\Windows\system32\jscript9.dll 2013-10-13 11:10:31 ----A---- C:\Windows\system32\iertutil.dll 2013-10-13 11:10:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-13 11:10:29 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-13 11:10:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-13 11:10:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-13 11:10:01 ----A---- C:\Windows\system32\drivers\WdfLdr.sys 2013-10-13 11:10:01 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-13 11:10:00 ----A---- C:\Windows\system32\drivers\usbprint.sys 2013-10-13 11:10:00 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-13 11:10:00 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-13 11:09:52 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2013-10-13 11:09:52 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-13 11:09:52 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys 2013-10-13 11:09:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-13 11:09:50 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-13 11:09:50 ----A---- C:\Windows\system32\atmlib.dll 2013-10-13 11:09:50 ----A---- C:\Windows\system32\atmfd.dll 2013-10-13 11:09:49 ----A---- C:\Windows\system32\win32k.sys 2013-10-13 11:09:45 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-10-13 11:09:45 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2013-10-13 11:09:40 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-13 11:09:40 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-13 11:09:35 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS 2013-10-13 11:09:35 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS 2013-10-13 11:09:35 ----A---- C:\Windows\system32\drivers\UCX01000.SYS 2013-10-10 21:49:14 ----A---- C:\Windows\system32\bootdelete.exe 2013-10-10 21:04:04 ----D---- C:\ProgramData\HitmanPro 2013-10-10 21:03:23 ----D---- C:\Users\Kenny\AppData\Roaming\Malwarebytes 2013-10-10 21:03:06 ----D---- C:\ProgramData\Malwarebytes 2013-10-10 21:03:04 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-10-10 21:03:03 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-20 19:19:07 ----D---- C:\Program Files (x86)\GoldWave 2013-09-18 10:53:57 ----A---- C:\Windows\system32\tssdisai.dll ======List of files/folders modified in the last 1 month====== 2013-10-16 15:11:22 ----D---- C:\Windows\Temp 2013-10-16 15:00:35 ----D---- C:\ProgramData\MOCP 2013-10-16 15:00:00 ----D---- C:\Windows\system32\sru 2013-10-16 14:35:47 ----D---- C:\Windows\system32\config 2013-10-16 14:33:44 ----D---- C:\Windows\Microsoft.NET 2013-10-16 14:25:03 ----D---- C:\Windows\Prefetch 2013-10-16 13:55:51 ----D---- C:\Windows\AUInstallAgent 2013-10-16 13:55:40 ----HD---- C:\Program Files\WindowsApps 2013-10-16 13:14:05 ----D---- C:\Windows\System32 2013-10-16 13:14:05 ----D---- C:\Windows\Inf 2013-10-16 13:14:05 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-16 13:11:44 ----A---- C:\Windows\SYSWOW64\log.txt 2013-10-15 19:27:08 ----RD---- C:\Windows\assembly 2013-10-15 19:22:09 ----D---- C:\Windows\system32\MRT 2013-10-15 19:18:21 ----A---- C:\Windows\system32\MRT.exe 2013-10-15 19:18:15 ----D---- C:\Windows\CbsTemp 2013-10-15 19:18:07 ----D---- C:\Windows\apppatch 2013-10-15 19:18:00 ----D---- C:\Windows\WinSxS 2013-10-14 18:26:33 ----RD---- C:\Program Files 2013-10-14 18:25:36 ----D---- C:\Program Files (x86)\AutocompletePro 2013-10-14 18:25:36 ----D---- C:\Program Files (x86)\Ask.com 2013-10-14 18:08:19 ----D---- C:\Windows\SysWOW64 2013-10-14 18:06:19 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-14 18:06:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-13 15:29:08 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-13 15:29:05 ----D---- C:\Program Files\Internet Explorer 2013-10-13 15:29:02 ----D---- C:\Windows\system32\Drivers 2013-10-13 15:28:52 ----RD---- C:\Windows\ToastData 2013-10-13 15:28:46 ----D---- C:\Windows\system32\DriverStore 2013-10-13 15:26:50 ----D---- C:\Users\Kenny\AppData\Roaming\uTorrent 2013-10-13 14:20:38 ----D---- C:\Users\Kenny\AppData\Roaming\vlc 2013-10-13 12:37:17 ----SHD---- C:\System Volume Information 2013-10-13 12:03:29 ----D---- C:\Windows\system32\catroot2 2013-10-13 11:21:11 ----SHD---- C:\Windows\Installer 2013-10-13 11:21:10 ----D---- C:\ProgramData\Microsoft Help 2013-10-10 22:57:54 ----D---- C:\Windows 2013-10-10 22:57:53 ----D---- C:\Windows\Tasks 2013-10-10 22:57:48 ----D---- C:\Windows\system32\Tasks 2013-10-10 22:57:44 ----D---- C:\Windows\system32\CodeIntegrity 2013-10-10 22:51:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-10 22:51:27 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-10-10 22:43:21 ----D---- C:\Windows\system32\wbem 2013-10-10 22:43:21 ----D---- C:\Windows\registration 2013-10-10 22:43:02 ----D---- C:\Users\Kenny\AppData\Roaming\Adobe 2013-10-10 22:41:45 ----D---- C:\ProgramData\Adobe 2013-10-10 22:41:07 ----RHD---- C:\MSOCache 2013-10-10 22:41:07 ----D---- C:\Program Files (x86)\Common Files 2013-10-10 22:41:07 ----D---- C:\Program Files (x86)\Adobe 2013-10-10 21:04:04 ----HD---- C:\ProgramData 2013-10-10 21:03:03 ----RD---- C:\Program Files (x86) 2013-10-10 21:00:26 ----D---- C:\Windows\Logs 2013-10-09 15:10:57 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2013-10-02 03:38:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-09-26 16:24:35 ----D---- C:\Program Files (x86)\McAfee 2013-09-26 08:43:27 ----D---- C:\Program Files\Common Files\mcafee 2013-09-19 16:39:25 ----D---- C:\Update 2013-09-18 16:22:48 ----D---- C:\ProgramData\Sony Corporation ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-09-20 425192] R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 77040] R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 361200] R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-10-11 562392] R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 102640] R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys [2012-07-26 81136] R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 71920] R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 374512] R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-09-20 465128] R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-23 645952] R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-09-20 100072] R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264] R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-08-08 776168] R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-08 343568] R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 93936] R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 17136] R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 83696] R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2013-06-17 997632] R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2013-01-10 91880] R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys [2012-07-26 234224] R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 52464] R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2013-03-02 69864] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 217328] R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2013-05-04 284416] R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2013-08-01 2233688] R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 36080] R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 83184] R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 378608] R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2013-06-01 327936] R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys [2012-11-06 560640] R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640] R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys [2012-07-26 29696] R1 Beep;Beep; C:\Windows\system32\drivers\Beep.sys [2012-07-26 7680] R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys [2012-07-26 174080] R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536] R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys [2012-07-26 118784] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2012-07-26 50688] R1 dtsoftbus01;@oem29.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2013-07-01 283200] R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2012-07-26 26112] R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys [2012-07-26 37616] R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2012-07-26 46080] R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys [2012-07-26 331776] R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2012-07-26 49152] R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys [2012-07-26 23552] R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2012-07-26 34304] R1 Null;Null; C:\Windows\system32\drivers\Null.sys [2012-07-26 5632] R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2012-07-26 145408] R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520] R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2012-07-26 117248] R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416] R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2012-07-26 134144] R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520] R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys [2012-07-26 97792] R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2013-04-09 805376] R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848] R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2012-07-26 23040] R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2012-07-26 45056] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-08-20 10280960] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-08-20 368640] R3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624] R3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-13 88728] R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-08-20 3618304] R3 AtiHDAudioService;@oem18.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2012-08-20 98472] R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2012-07-26 101888] R3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-13 344216] R3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-13 114840] R3 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-13 33944] R3 BTATH_HCRP;@oem13.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-13 178840] R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-13 76952] R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-13 135832] R3 BTATH_VDP;@oem17.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\Windows\system32\drivers\btath_vdp.sys [2012-08-13 427416] R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-13 567808] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752] R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys [2012-07-26 25600] R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys [2012-07-26 36352] R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys [2012-07-26 33792] R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368] R3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2012-07-26 210672] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys [2012-09-20 71168] R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys [2013-05-04 27648] R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys [2013-03-15 861184] R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys [2012-07-26 112640] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-20 4102928] R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys [2012-11-06 89088] R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys [2012-07-26 48368] R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2012-07-26 21376] R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784] R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-08 179664] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-08 310224] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-08 519064] R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver-service; C:\Windows\System32\drivers\monitor.sys [2013-03-01 30720] R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys [2012-07-26 45808] R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys [2013-03-02 26112] R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2012-10-11 74752] R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688] R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552] R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552] R3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704] R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088] R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880] R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080] R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2013-04-09 60416] R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2013-02-02 1933544] R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176] R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608] R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928] R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920] R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672] R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys [2012-07-26 22528] R3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys [2012-07-26 179712] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672] R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-07-30 683664] R3 SensorsSimulatorDriver;@oem35.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656] R3 SFEP;@oem4.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\Windows\System32\drivers\SFEP.sys [2012-07-11 14336] R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-21 43832] R3 SOWS;@oem5.inf,%SOWS%;Sony Wireless State Device; C:\Windows\System32\drivers\sows.sys [2012-06-11 24280] R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys [2012-07-26 416768] R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2013-04-09 623104] R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808] R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys [2012-07-26 13680] R3 SynTP;@oem22.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-08-21 447800] R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys [2013-03-02 148712] R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\Windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504] R3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys [2013-07-02 213336] R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys [2012-07-26 48128] R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984] R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys [2013-06-29 120832] R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys [2013-07-01 79192] R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Stuurprogramma voor Microsoft USB Standaard-hub; C:\Windows\System32\drivers\usbhub.sys [2013-07-01 623448] R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys [2013-07-02 447320] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560] R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS [2013-07-02 337752] R4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544] S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys [2012-07-26 106736] S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys [2012-07-26 492272] S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys [2012-07-26 340720] S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys [2012-07-26 184048] S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys [2012-07-26 63216] S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys [2012-07-26 76016] S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys [2012-07-26 258288] S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys [2012-07-26 26352] S0 arc;arc; C:\Windows\System32\drivers\arc.sys [2012-07-26 104688] S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys [2012-07-26 108272] S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 25840] S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys [2012-09-20 533224] S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys [2012-09-20 3265256] S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904] S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys [2012-07-26 66800] S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [2012-07-26 64752] S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2012-07-26 24816] S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys [2012-07-26 411888] S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys [2012-07-26 45296] S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys [2012-07-26 18672] S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys [2012-07-26 22256] S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [2012-07-26 108784] S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400] S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976] S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [2012-07-26 81136] S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys [2012-07-26 51952] S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys [2012-07-26 353008] S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys [2012-07-26 64240] S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys [2012-07-26 52464] S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys [2012-07-26 125168] S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys [2012-07-26 150256] S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys [2012-07-26 168176] S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 14064] S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 237808] S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys [2012-07-26 107760] S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784] S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [2012-07-26 81648] S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys [2012-07-26 30960] S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys [2013-03-02 77544] S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160] S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys [2012-07-26 37992] S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys [2012-07-26 65776] S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys [2012-07-26 66800] S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys [2012-07-26 19184] S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys [2012-07-26 137832] S0 vsmraid;vsmraid; C:\Windows\System32\drivers\vsmraid.sys [2012-07-26 164080] S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\Windows\System32\drivers\vstxraid.sys [2012-07-26 322800] S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys [2013-08-16 58200] S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys [2012-07-26 226304] S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys [2012-07-26 10240] S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys [2012-07-26 12288] S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys [2012-07-26 10752] S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys [2012-11-06 90624] S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys [2012-11-06 88064] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2012-07-26 79360] S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632] S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200] S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952] S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys [2012-07-26 65536] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040] S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys [2012-07-26 45056] S3 dg_ssudbus;@oem32.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448] S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys [2012-07-26 33280] S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2012-10-11 5632] S3 e1yexpress;@net1yx64.inf,%E1YExpress.Service.DispName%;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2012-06-02 283136] S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys [2012-07-26 10240] S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2012-07-26 194560] S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys [2012-07-26 30720] S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2012-07-26 34816] S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys [2012-07-26 24576] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2012-07-26 57584] S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys [2012-11-06 22528] S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys [2012-07-26 12288] S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys [2013-07-09 120144] S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2013-06-26 341504] S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys [2012-07-26 27136] S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys [2013-04-09 95744] S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys [2012-11-20 39936] S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys [2012-07-26 46080] S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [2012-07-26 11776] S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576] S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088] S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336] S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2012-07-26 145920] S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys [2012-07-26 17920] S3 iscFlash;iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{39035736-5CDA-4D8E-B4CD-B41423B2C0A4}\iscflashx64.sys [] S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys [2012-11-06 277736] S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys [2012-07-26 29184] S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2012-07-26 40448] S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys [2012-07-26 141312] S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2012-07-26 129536] S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904] S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys [2012-07-26 10752] S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008] S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608] S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168] S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2012-07-26 6912] S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2012-07-26 390896] S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2012-07-26 8192] S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys [2012-07-26 14848] S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592] S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464] S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080] S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-06-28 13546344] S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys [2012-07-26 105984] S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys [2012-11-06 87552] S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2012-07-26 46592] S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384] S3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-07-26 208384] S3 RSPCIESTOR;@oem20.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2012-08-07 339600] S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys [2012-07-26 7168] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864] S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys [2013-06-29 195416] S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys [2012-10-11 56552] S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys [2012-07-26 62976] S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys [2012-07-26 23040] S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys [2012-07-26 76800] S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys [2012-07-26 27136] S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys [2012-07-26 16896] S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys [2012-07-26 59392] S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672] S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2013-08-01 2233688] S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys [2012-07-26 36592] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-07-26 57344] S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208] S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2013-01-15 21200] S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys [2012-07-26 97008] S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass-stuurprogramma; C:\Windows\System32\drivers\umpass.sys [2012-07-26 11776] S3 USBAAPL64;@oem27.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys [2013-07-06 99328] S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys [2012-11-20 27136] S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys [2013-07-02 25600] S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;Stuurprogramma voor USB-massaopslag; C:\Windows\System32\drivers\USBSTOR.SYS [2013-06-06 119040] S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys [2013-06-29 32256] S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys [2012-07-26 106224] S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys [2013-03-02 495336] S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [2012-07-26 22144] S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\Windows\System32\drivers\vpci.sys [2012-07-26 67824] S3 VSPerfDrv110;Performance Tools Driver 11.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2012-07-13 70264] S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2013-06-26 321536] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-08-20 239616] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-13 211584] R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-08-07 2445968] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456] R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104] R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856] R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720] R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-17 277824] R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 McSchedulerSvc;McAfee PC Task Scheduler Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-08 219272] R2 mfeicfcoreocp;McAfee Content Filter; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2013-08-08 2776256] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-08 182752] R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280] R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-08-06 156672] R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-09-20 35840] R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 769024] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624] R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696] R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-17 365376] R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776] R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-15 641352] R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 29696] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 29696] R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 29696] R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696] R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 29696] R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-09-20 35840] R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760] R3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2013-06-01 680960] R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-08-01 1368624] S2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 29696] S2 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] S2 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2013-08-16 4917760] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416] S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 94208] S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 10752] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 35840] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 669696] S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-08-03 43616] S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 35840] S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656] S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 144384] S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 124416] S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 35840] S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2012-08-18 623784] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992] S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728] S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 14848] S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616] S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512] S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048] S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952] S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 29696] S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976] S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2013-05-16 98304] S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 40960] S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328] S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000] S3 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036] S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696] S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2013-05-04 1483776] S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696] S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696] S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696] -----------------EOF-----------------
-
Reageren lukt niet meer... de pagina blijft laden als ik een groot stuk tekst plak. - - - Updated - - - Logfile of random's system information tool 1.09 (written by random/random) Run by Kenny at 2013-10-16 15:02:26 Microsoft Windows 8 System drive C: has 326 GB (48%) free of 677 GB Total RAM: 6091 MB (69% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:02:27, on 16/10/2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Kenny.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe" -autorun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - Global Startup: McAfee Parental Controls.lnk = C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Content Filter (mfeicfcoreocp) - McAfee, Inc. - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: VAIO Care Performance Service (SampleCollector) - Unknown owner - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 13907 bytes - - - Updated - - - ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe "dwm.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-35c1aaba-ad33-489e-9b7e-dfbc7cbe8d37 -SystemEventPortName:HostProcess-c4626861-25dd-4136-a4f7-00852f45c7fe -IoCancelEventPortName:HostProcess-90a68f19-67e9-42e3-849f-f675d12cf9e3 -NonStateChangingEventPortName:HostProcess-bf635065-7057-40cc-80a0-1a25f610c110 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:81df414f-ecd8-4178-b6db-5fc00657d53c -DeviceGroupId:WudfDefaultDevicePool C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" dashost.exe {412a9321-4426-4bec-a8ca20dc827e044f} "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Windows\system32\mfevtps.exe" "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe" "C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "\Program Files\Synaptics\SynTP\SynTPEnh.exe" taskhostex.exe "C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe" C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe "C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe" C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83} C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE "C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE" "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe" "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 "C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe" /platui "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "&" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 & Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files\Sony\VAIO Update\VUAgent.exe" C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529} C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0 "C:\Program Files\Windows Defender\MsMpEng.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files\Sony\VAIO Improvement\vim.exe" -System "C:\Program Files\Sony\VAIO Improvement\vim.exe" -User "C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding "C:\Program Files\Sony\VAIO Care\VCService.exe" "C:\Program Files\Sony\VAIO Care\VCAgent.exe" "C:\Windows\system32\wwahost.exe" -ServerName:SonyCorporation.VAIOMessageCenter.wwa C:\Windows\System32\vds.exe "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:267521 /prefetch:2 "C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:3806563 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:1316304 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1957883420-1083450386-1349748412-100130_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1957883420-1083450386-1349748412-100130 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 588 592 600 65536 596 C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Kenny\Desktop\RSITx64.exe" - - - Updated - - - ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default prefs.js - "browser.startup.homepage" - "http://www.google.be/" prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX] "Description"=Canon My Image Garden "Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] "Description"=This plugin updates Intel WebAPI component "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App V2 Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ yahoo.xml C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\extensions\ support@predictad.com toolbar@ask.com - - - Updated - - - ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-04 545264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}] CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-13 64640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-04 193520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-04 453104] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{876d9f09-c6d6-4324-a2cc-04dd9a4de12f}] Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26 74888] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-04 157680] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608] "BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-13 764032] "BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-13 127616] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Pro Agent"=C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe -autorun [] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] "AdobeBridge"= [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216] "ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2012-08-18 68776] "PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-07-27 724576] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 38112] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352] "Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896] "mcpltui_exe"=C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [2013-08-17 644656] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-15 152392] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312] "beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup [] "NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Parental Controls.lnk - C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableCAD"=1 "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktopChanges"=1 "NoActiveDesktop"=1 - - - Updated - - - [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "midi2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* - - - Updated - - - Telkens als ik op 'snel reageren' klik, komt er een melding 'Bent u zeker dat u deze pagina wilt verlaten?' - - - Updated - - - Telkens als ik op 'snel reageren' klik, komt er een melding 'Bent u zeker dat u deze pagina wilt verlaten?'
-
En tenslotte het logbestandje van HitmanPro HitmanPro 3.7.7.205 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : KENNY Windows . . . . . . . : 6.2.0.9200.X64/4 User name . . . . . . : KENNY\Kenny UAC . . . . . . . . . : Enabled License . . . . . . . : Trial (30 days left) Scan date . . . . . . : 2013-10-10 21:25:13 Scan mode . . . . . . : Normal Scan duration . . . . : 20m 18s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 290 Traces . . . . . . . : 759 Objects scanned . . . : 2 387 668 Files scanned . . . . : 91 536 Remnants scanned . . : 779 323 files / 1 516 809 keys Malware _____________________________________________________________________ C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G671ZG9B\UPnP[1].exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 109.0 C:\Users\Kenny\AppData\Local\Temp\fzwkf-48.dll -> Deleted Size . . . . . . . : 7 168 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:31:22) Entropy . . . . . : 4.4 SHA-256 . . . . . : 08814FC6A3E3EACA020DF7478FD7031D5C730321244760C829D863C061F70DD8 Description . . . : Version . . . . . : 0.0.0.0 Copyright . . . . : > G Data . . . . . . : Gen:Variant.Kazy.156409 > Ikarus . . . . . . : Win32.SuspectCrc!IK Fuzzy . . . . . . : 106.0 C:\Users\Kenny\AppData\Local\Temp\hi8ylix1.dll -> Deleted Size . . . . . . . : 7 168 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:31:22) Entropy . . . . . : 4.4 SHA-256 . . . . . : D18ED29A473EEB40D4453BAC2FDF0C2D7B735FB75F65175AB30D71CD4172548D Description . . . : Version . . . . . : 0.0.0.0 Copyright . . . . : > G Data . . . . . . : Gen:Variant.Kazy.156409 > Ikarus . . . . . . : Win32.SuspectCrc!IK Fuzzy . . . . . . : 106.0 C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp -> Quarantined Size . . . . . . . : 19 134 bytes Age . . . . . . . : 0.1 days (2013-10-10 19:31:56) Entropy . . . . . : 7.9 SHA-256 . . . . . : 5E814E032FF7890B4AF4BF2CBC14D297715C59DC77BAE69F9C65F584F76C2047 > Kaspersky . . . . : HEUR:Exploit.Java.CVE-2012-1723.gen Fuzzy . . . . . . : 102.0 Forensic Cluster -79.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -79.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -79.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1696-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1699-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1697-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1698-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1693-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Exclusive-293x150[1].png -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\DHM-Pack-210-293x150[1].png -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1462-293x150[1].jpg -78.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1690-293x150[1].jpg -78.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -78.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -77.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\box[1].htm -77.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -77.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -77.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\scroll[1].png -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\relay[2].swf -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\unsure[1].gif -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\wink[1].gif -76.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\smile[1].gif -76.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\trackingPixel[1].gif -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\likebox[1].htm -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bmw_4j_468x60b_nl[1].swf -76.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ddc[1].htm -76.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1076615_584660756_1376328851_q[1].jpg -76.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1082988_100002033288453_1211801668_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1118134_100002508052499_1514861849_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1117978_100000706820412_247958862_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\273736_100003301036925_592490609_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1119082_100004100688077_1189558660_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -76.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1117351_100001086747136_213797438_q[1].jpg -76.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1082989_1406569077_401231436_q[1].jpg -76.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1694-293x150[1].jpg -76.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUUEEY9P.txt -76.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\iframe3[1].htm -76.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\z_v3.7c_300x250[1].swf -75.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[2].htm -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[4].htm -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1117279_100003973435146_1786722666_q[1].jpg -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\161747_100000115314118_1423120803_q[1].jpg -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1118494_100006766599995_1693723620_q[1].jpg -75.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1115596_100000346344870_533842328_q[1].jpg -75.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[3].htm -75.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\371049_100001335441826_1273431978_q[1].jpg -75.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\ss_v3.7c_728x90[1].swf -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\bg_ms_300250[1].png -74.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\GN8QV23N.txt -74.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\r[2].gif -74.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -74.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -74.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZQ4TLMB.txt -74.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\thirdpartretargeting[3].gif -74.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YXV9I0KM.txt -74.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bga_728x90_ss_1[1].swf -74.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\72890_ss[1].jpg -74.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DMBDPP9.txt -74.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\r[1].gif -74.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\cta_1_ss[1].swf -74.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\JA222J06N-502@1.1[1].jpg -74.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\SE622J01B-513@1.1[1].jpg -72.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\SE622J00I-I00@1.1[1].jpg -69.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B2564122-31D1-11E3-BEE3-083E8EB6BC90}.dat -69.6s C:\Users\Kenny\AppData\Local\Temp\Low\REGB167.tmp -68.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\__utm[4].gif -68.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1699-280x280[1].jpg -68.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1698-180x110[1].jpg -68.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\1691-180x110[1].jpg -68.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\Mixmash-Radio-180x110[1].jpg -67.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\sharethis_counter2[1].png -67.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\5092658564345193620[1].gif -67.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8OUGN58.txt -67.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CDOATKZ.txt -67.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y9DYCT5C.txt -66.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\z_v3.7c_728x90[1].swf -66.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\234a6140b599047b8686e87b1b2a1552_f[1].png -66.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\5-8201_PO_Continental_300x250_FR[1].swf -66.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\72890_n[1].jpg -65.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV644YXX.txt -65.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -65.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -58.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\pap[1].swf -31.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\__utm[5].gif -30.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\NVB34DU4.txt -30.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\blogo[1].jpg -30.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\download3[1].jpg -27.8s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{CB42C4BE-31D1-11E3-BEE3-083E8EB6BC90}.dat -27.7s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -27.7s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -25.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1694-180x110[1].jpg -25.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1693-180x110[1].jpg -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CL3AYT1P.txt -25.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\d3af36d8391aea778a3c50358b01a57b_f[1].png -24.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[2].htm -24.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8L1Q8T5.txt -24.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0I97ITVN.txt -24.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\4PCAK1Y6.txt -24.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -20.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\css[1].css -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\logo[1].png -19.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\2013[1].zip -19.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\impression[1].gif -19.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\EEQ9F00H.txt -19.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\tusfiles%20728x90[1].gif -19.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\set-action-cookie[1].gif -18.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\SQM2PNXW.txt -17.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\emily[1].htm -17.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0YQ0G6LZ.txt -17.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -17.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -17.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\PVB8CWTF.txt -17.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\__utm[1].gif -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\set-16[1].png -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\post-native[1].png -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -17.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKBUSA0S.txt -17.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CH96EZX1.txt -17.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\UFYOO4TN.txt -17.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\FECH0EO8.txt -17.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOX5Q922.txt -15.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -15.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -15.7s C:\Users\Kenny\AppData\Local\Temp\Low\REG8417.tmp -15.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VQ68MXJN.txt -15.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4MGBEJ1.txt -14.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\style[1].css -14.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJKK8OLF.txt -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -14.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q58KCYG9.txt -14.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\ms-partner[1].png -14.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img[1].jpg -13.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE3DW1W1.txt -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img2[1].jpg -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img3[1].jpg -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ep[1].png -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img4[1].jpg -13.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -13.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\cnet[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\waves[1].jpg -13.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -13.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -13.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5F9Z7X4D.txt -12.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\373AA1E44F5B933F81294FE7DF9AE44E -12.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\373AA1E44F5B933F81294FE7DF9AE44E -11.0s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -10.9s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -10.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\dot_clear[1].gif -8.9s C:\Users\Kenny\AppData\Local\Temp\Low\REG9E58.tmp -8.0s C:\Users\Kenny\AppData\Local\Temp\REGA20D.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp 0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 1.4s C:\Windows\Prefetch\JP2LAUNCHER.EXE-8BC39A4D.pf 1.6s C:\Windows\Prefetch\JAVA.EXE-F26CFF01.pf 1.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 1.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 3.0s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 3.0s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 3.0s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 6.7s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\7613A2335EE754712DF5669B660851D0 9.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\922E2AB342E0D0C1180B322081FAAF27 11.8s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47.idx 11.9s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47 16.9s C:\Windows\Prefetch\REGSVR32.EXE-614DD671.pf 18.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{4BCD87B5-ED25-4569-810B-FE7C55E163ED} 26.8s C:\Windows\Prefetch\HBTAWQRVTGMHPNXTUCD.EXE-1597411A.pf 27.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1957883420-1083450386-1349748412-1001\7a723920be415a36e743df6c9728c362_6d3a7bb4-40b6-43a3-8088-81143c6d0db7 30.4s C:\Windows\Prefetch\SVCHOST.EXE-9332ECDC.pf 39.6s C:\Users\Kenny\AppData\Local\Temp\Low\zKEDYGOoOxl 40.4s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\bookmarkbackups\bookmarks-2013-10-10.json 40.7s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\localstore.rdf 43.3s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\Data\Tor\state C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp -> Quarantined Size . . . . . . . : 19 132 bytes Age . . . . . . . : 0.1 days (2013-10-10 19:31:57) Entropy . . . . . : 7.9 SHA-256 . . . . . : 57235D563B9B38C4745420FCAADFEDDD1FFBDB35A1E95D4137B89C53679E6257 > Kaspersky . . . . : HEUR:Exploit.Java.CVE-2012-1723.gen Fuzzy . . . . . . : 102.0 Forensic Cluster -80.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -80.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1696-293x150[1].jpg -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1699-293x150[1].jpg -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1697-293x150[1].jpg -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1698-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1693-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Exclusive-293x150[1].png -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\DHM-Pack-210-293x150[1].png -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1462-293x150[1].jpg -79.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1690-293x150[1].jpg -79.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -79.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -78.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\box[1].htm -78.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -78.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -78.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\scroll[1].png -77.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\relay[2].swf -77.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\unsure[1].gif -77.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\wink[1].gif -77.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\smile[1].gif -77.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\trackingPixel[1].gif -77.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\likebox[1].htm -77.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bmw_4j_468x60b_nl[1].swf -77.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ddc[1].htm -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1076615_584660756_1376328851_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1082988_100002033288453_1211801668_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1118134_100002508052499_1514861849_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1117978_100000706820412_247958862_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\273736_100003301036925_592490609_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1119082_100004100688077_1189558660_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -77.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1117351_100001086747136_213797438_q[1].jpg -77.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1082989_1406569077_401231436_q[1].jpg -77.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1694-293x150[1].jpg -77.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUUEEY9P.txt -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\iframe3[1].htm -76.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\z_v3.7c_300x250[1].swf -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[2].htm -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[4].htm -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1117279_100003973435146_1786722666_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\161747_100000115314118_1423120803_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1118494_100006766599995_1693723620_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1115596_100000346344870_533842328_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[3].htm -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\371049_100001335441826_1273431978_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\ss_v3.7c_728x90[1].swf -76.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\bg_ms_300250[1].png -75.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\GN8QV23N.txt -75.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\r[2].gif -75.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -75.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -75.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZQ4TLMB.txt -75.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\thirdpartretargeting[3].gif -75.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YXV9I0KM.txt -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bga_728x90_ss_1[1].swf -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\72890_ss[1].jpg -75.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DMBDPP9.txt -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\r[1].gif -75.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\cta_1_ss[1].swf -74.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\JA222J06N-502@1.1[1].jpg -74.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\SE622J01B-513@1.1[1].jpg -73.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\SE622J00I-I00@1.1[1].jpg -70.5s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B2564122-31D1-11E3-BEE3-083E8EB6BC90}.dat -70.4s C:\Users\Kenny\AppData\Local\Temp\Low\REGB167.tmp -69.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\__utm[4].gif -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1699-280x280[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1698-180x110[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\1691-180x110[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\Mixmash-Radio-180x110[1].jpg -68.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\sharethis_counter2[1].png -68.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\5092658564345193620[1].gif -68.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8OUGN58.txt -67.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CDOATKZ.txt -67.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y9DYCT5C.txt -67.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\z_v3.7c_728x90[1].swf -67.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\234a6140b599047b8686e87b1b2a1552_f[1].png -67.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\5-8201_PO_Continental_300x250_FR[1].swf -67.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\72890_n[1].jpg -66.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV644YXX.txt -66.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -66.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -59.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\pap[1].swf -32.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\__utm[5].gif -31.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\NVB34DU4.txt -31.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\blogo[1].jpg -31.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\download3[1].jpg -28.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{CB42C4BE-31D1-11E3-BEE3-083E8EB6BC90}.dat -28.5s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -28.5s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1694-180x110[1].jpg -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1693-180x110[1].jpg -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CL3AYT1P.txt -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\d3af36d8391aea778a3c50358b01a57b_f[1].png -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[2].htm -25.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8L1Q8T5.txt -25.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0I97ITVN.txt -25.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\4PCAK1Y6.txt -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -21.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\css[1].css -20.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\logo[1].png -20.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\2013[1].zip -20.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\impression[1].gif -19.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\EEQ9F00H.txt -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\tusfiles%20728x90[1].gif -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\set-action-cookie[1].gif -19.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\SQM2PNXW.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\emily[1].htm -18.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0YQ0G6LZ.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -18.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\PVB8CWTF.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\__utm[1].gif -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\set-16[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\post-native[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -18.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKBUSA0S.txt -18.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CH96EZX1.txt -18.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\UFYOO4TN.txt -17.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\FECH0EO8.txt -17.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOX5Q922.txt -16.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -16.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -16.6s C:\Users\Kenny\AppData\Local\Temp\Low\REG8417.tmp -16.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VQ68MXJN.txt -16.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4MGBEJ1.txt -15.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\style[1].css -15.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJKK8OLF.txt -15.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -15.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -15.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -15.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q58KCYG9.txt -14.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\ms-partner[1].png -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img[1].jpg -14.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE3DW1W1.txt -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img2[1].jpg -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img3[1].jpg -14.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ep[1].png -14.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img4[1].jpg -14.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -14.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\cnet[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\waves[1].jpg -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -14.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5F9Z7X4D.txt -13.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\373AA1E44F5B933F81294FE7DF9AE44E -13.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\373AA1E44F5B933F81294FE7DF9AE44E -11.9s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -11.8s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -11.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\dot_clear[1].gif -9.8s C:\Users\Kenny\AppData\Local\Temp\Low\REG9E58.tmp -8.9s C:\Users\Kenny\AppData\Local\Temp\REGA20D.tmp -0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.5s C:\Windows\Prefetch\JP2LAUNCHER.EXE-8BC39A4D.pf 0.7s C:\Windows\Prefetch\JAVA.EXE-F26CFF01.pf 1.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 1.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 5.8s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\7613A2335EE754712DF5669B660851D0 8.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\922E2AB342E0D0C1180B322081FAAF27 11.0s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47.idx 11.0s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47 16.1s C:\Windows\Prefetch\REGSVR32.EXE-614DD671.pf 17.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{4BCD87B5-ED25-4569-810B-FE7C55E163ED} 25.9s C:\Windows\Prefetch\HBTAWQRVTGMHPNXTUCD.EXE-1597411A.pf 26.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1957883420-1083450386-1349748412-1001\7a723920be415a36e743df6c9728c362_6d3a7bb4-40b6-43a3-8088-81143c6d0db7 29.6s C:\Windows\Prefetch\SVCHOST.EXE-9332ECDC.pf 38.8s C:\Users\Kenny\AppData\Local\Temp\Low\zKEDYGOoOxl 39.6s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\bookmarkbackups\bookmarks-2013-10-10.json 39.8s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\localstore.rdf 42.4s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\Data\Tor\state C:\Users\Kenny\AppData\Local\Temp\tmp.exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 112.0 C:\Users\Kenny\AppData\Local\Temp\tmp5C91.tmp.exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 117.0 C:\Users\Kenny\Downloads\Mixed In Key v2.5 (Full)\Mixed-In-Key v2.5.exe -> Deleted Size . . . . . . . : 1 851 034 bytes Age . . . . . . . : 102.2 days (2013-06-30 17:31:14) Entropy . . . . . : 8.0 SHA-256 . . . . . : D3E063EB2DA91A6A0A274334B608FA035A3FE833D508009C81310C28FB7AEDBE Product . . . . . : Mixed In Key Publisher . . . . : Mixed In Key LLC > G Data . . . . . . : MemScan:Trojan.Generic.2203227 > Ikarus . . . . . . : Trojan.Win32.Comame!IK > Kaspersky . . . . : Trojan.Win32.Chifrax.d Fuzzy . . . . . . : 111.0 C:\Users\Kenny\Downloads\Wondershare QuizCreator 4.2.1.1 Software\Keygen\keygen.exe -> Quarantined Size . . . . . . . : 59 392 bytes Age . . . . . . . : 172.5 days (2013-04-21 10:34:37) Entropy . . . . . : 7.9 SHA-256 . . . . . : 81231F6696A2AAB86B079628197AEEDC00C155DF563D7F41760B6917C5889429 > Ikarus . . . . . . : possible-Threat.Keygen.Core!IK Fuzzy . . . . . . : 118.0 C:\Users\Kenny\Downloads\Xilisoft.Video.Converter.Ultimate.v7.7.2.20130217.Incl.Keygen-BRD\Keygen\Keygen.exe -> Quarantined Size . . . . . . . : 78 848 bytes Age . . . . . . . : 47.2 days (2013-08-24 16:47:26) Entropy . . . . . : 7.8 SHA-256 . . . . . : 78058079D249AD132C0FF56BEDBFB2616B3D0315839916054E52446AC472AB5C > Ikarus . . . . . . : Backdoor.Win32.Hupigon!IK Fuzzy . . . . . . : 114.0 Suspicious files ____________________________________________________________ C:\Users\Kenny\Desktop\Ine\vb5\TOOLS\MSIE\MSIE301.EXE Size . . . . . . . : 5 585 256 bytes Age . . . . . . . : 55.5 days (2013-08-16 10:02:49) Entropy . . . . . : 8.0 SHA-256 . . . . . : 3E19AFC892335BBB4D4784A2D07793C3D9E374D18131D6CB6D853ECB889F311D Product . . . . . : Microsoft Internet Explorer 3.0 Publisher . . . . : Microsoft Corporation Description . . . : Microsoft Internet Explorer 3.0 Version . . . . . : 4.70.0.1215 Copyright . . . . : Copyright © Microsoft Corp. 1995-1996 RSA Key Size . . . : 1024 Authenticode . . . : Invalid Fuzzy . . . . . . : 23.0 Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Potential Unwanted Programs _________________________________________________ C:\Program Files (x86)\Ask.com\ (AskBar) C:\Program Files (x86)\Ask.com\cobrand.ico (AskBar) C:\Program Files (x86)\Ask.com\config.xml (AskBar) C:\Program Files (x86)\Ask.com\favicon.ico (AskBar) C:\Program Files (x86)\Ask.com\mupcfg.xml (AskBar) C:\Users\Kenny\Local Settings\Temp\AskSearch\ (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1043.MST (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe (AskBar) Size . . . . . . . : 102 400 bytes Age . . . . . . . : 39.2 days (2013-09-01 16:02:02) Entropy . . . . . : 6.1 SHA-256 . . . . . : EA345C1A9C45D94F6D1A71FBBBEEF52F68054DEA36B93B1285B0207261DEF846 Product . . . . . : InstallShield Publisher . . . . : Acresso Software Inc. Description . . . : InstallShield Version . . . . . : 15.0.498 Copyright . . . . : Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved. Fuzzy . . . . . . : 0.0 HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar) HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar) HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\AppDataLow\AskToolbarInfo\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Ask.com\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\AskTB5.6 (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Softonic\ (Softonic) Cookies _____________________________________________________________________ C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\IHVD8U7W.txt C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\PXTEMPEB.txt C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\YE2JCXEC.txt C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\cookies.sqlite:atdmt.com C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\cookies.sqlite:serving-sys.com
-
Hier volgt het logje van Malwarebytes... Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.10.10.06 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16688 Kenny :: KENNY [administrator] 10/10/2013 21:03:57 mbam-log-2013-10-10 (21-03-57).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 228619 Verstreken tijd: 13 minuut/minuten, 45 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Adober.exe (Backdoor.Agent.TMPGen) -> Data: "C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe" -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 1 HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Slecht: ("regedit.exe" "%1") Goed: (regedit.exe "%1") -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 17 C:\Users\Kenny\AppData\Local\Temp\9JEIww0E.exe.part (PUP.Optional.Topmedia) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\arzHg8pM.exe.part (PUP.BundleInstaller.DW) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\Ax+apxD6.exe.part (PUP.Optional.Topmedia) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\hsXBk_Le.exe.part (PUP.Optional.Installrex) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\k5_tzJUB.exe.part (PUP.Optional.Solimba) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\LyricsPal_1060-8101_v116.exe (PUP.Optional.LyricsAd) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\nsd8F3F.tmp (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\nswBDF0.tmp (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\rwxaeosnmc.exe (Trojan.Dropper.MS) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\SofHGz_D.exe.part (PUP.BundleInstaller.DW) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\z8wCCqIc.exe.part (PUP.Optional.Installex) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\Downloads\AKVIS Coloriage v. 7.5 By Adrian Dennis.rar (Trojan.Bumat) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\Local Settings\Temporary Internet Files\Content.IE5\DQA6GF03\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\AppLaunch\Service.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\AppLaunch\msnmsgr.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe (Backdoor.Agent.TMPGen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
-
Ik heb ondertussen toch een systeemherstel kunnen uitvoeren waarbij het virus verdwenen is. Vervolgens heb ik malwarebytes en hitmanpro geïnstalleerd. Deze zijn momenteel aan het scannen. Dan heb ik ook maar een HJT-logje gemaakt. Kan iemand dit even nakijken? Het logje van Malwarebytes zal ik dadelijk posten. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 21:07:53, on 10/10/2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16688) FIREFOX: 23.0.1 (nl) Boot mode: Normal Running processes: C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\SysWOW64\mdm.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Kenny\Downloads\HijackThis.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Adober.exe] "C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe" O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe" -autorun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - Global Startup: McAfee Parental Controls.lnk = C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Content Filter (mfeicfcoreocp) - McAfee, Inc. - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: VAIO Care Performance Service (SampleCollector) - Unknown owner - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 14521 bytes
-
Beste Na het opstarten van mijn laptop krijg ik het venster van het politievirus. Omdat ik over Windows 8 beschik kan ik nu ook niet meer in veilige modus opstarten. Kan iemand mij helpen om dit te verwijderen? bedankt.
-
Heel erg bedankt!
-
ComboFix 13-06-22.01 - mediamarkt 23/06/2013 10:18:11.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1514 [GMT 2:00] Gestart vanuit: c:\users\mediamarkt\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\mediamarkt\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2013-05-23 to 2013-06-23 )))))))))))))))))))))))))))))) . . 2013-06-23 08:43 . 2013-06-23 08:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-22 13:34 . 2013-06-22 13:34 -------- d-----w- c:\program files\Microsoft Synchronization Services 2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft Sync Framework 2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2013-06-22 13:31 . 2013-06-22 13:31 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2013-06-22 13:29 . 2013-06-22 13:29 -------- d-----w- c:\program files\Microsoft Analysis Services 2013-06-22 11:06 . 2013-06-22 11:06 338 ----a-w- c:\windows\DeleteOnReboot.bat 2013-06-22 09:03 . 2013-05-28 13:05 163328 ------w- c:\windows\system32\FlashPlayerUpdateService.exe 2013-06-18 18:32 . 2013-06-18 18:32 -------- d-----w- c:\program files\CCleaner 2013-06-12 20:17 . 2013-06-12 20:17 -------- d-----w- c:\programdata\WindowsSearch 2013-06-12 15:27 . 2013-06-23 08:04 -------- d-----r- c:\users\mediamarkt\Dropbox 2013-06-12 15:25 . 2013-06-12 15:25 -------- d-----w- c:\program files\Dropbox 2013-06-12 15:22 . 2013-06-23 08:04 -------- d-----w- c:\users\mediamarkt\AppData\Roaming\Dropbox . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-07 18:25 . 2013-05-07 18:25 723230 ----a-w- c:\windows\unins000.exe 2013-04-21 19:57 . 2013-04-21 19:57 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-21 19:57 . 2013-04-21 19:57 691592 ------w- c:\windows\system32\FlashPlayerApp.exe 2013-04-11 01:18 . 2013-04-11 01:18 302368 ------w- c:\windows\system32\drivers\avgtdix.sys 2007-03-12 17:59 . 2007-03-12 17:59 299008 ----a-w- c:\program files\navigram_register.exe 2013-05-21 20:01 . 2011-08-27 14:04 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-10 10:42 . 2011-09-25 20:27 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-01-12 39408] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-05 270336] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "Facebook Update"="c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-07 138096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-09-16 6266880] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-19 1348904] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-10 30192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2007-01-12 24576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-02-05 2056192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "Skytel"="Skytel.exe" [2008-09-16 1826816] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-05 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-05 92704] "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336] "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296] "CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736] "ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2012-06-27 86016] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . c:\users\mediamarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808] Facebook Messenger.lnk - c:\users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-10-14 776744] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-11-05 17:32 98304 ------w- c:\windows\System32\VESWinlogon.dll . R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2010-06-21 35712] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-18 18:29 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-06-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000Core.job - c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40] . 2013-06-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000UA.job - c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40] . 2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24] . 2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=hp&installDate=07/05/2013 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html Trusted Zone: plantyn.com\interactief TCP: DhcpNameServer = 195.130.130.3 195.130.131.3 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab FF - ProfilePath - c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\ FF - ExtSQL: 2013-05-07 20:25; lrcsTube@hansanddeta.com; c:\program files\LyricsTube\FF FF - ExtSQL: 2013-05-08 15:33; {a1cf6028-cc2f-4808-a0b4-e18f341316bc}; c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{a1cf6028-cc2f-4808-a0b4-e18f341316bc} FF - ExtSQL: !HIDDEN! 2009-09-02 19:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-06-23 10:43 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:0000007b . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(1712) c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll c:\windows\system32\btmmhook.dll . Voltooingstijd: 2013-06-23 10:47:24 ComboFix-quarantined-files.txt 2013-06-23 08:47 ComboFix2.txt 2013-06-22 15:41 . Pre-Run: 186.395.828.224 bytes beschikbaar Post-Run: 185.087.369.216 bytes beschikbaar . - - End Of File - - C6FE6F093CB00F197883532DBFACCFFC 5C616939100B85E558DA92B899A0FC36 Dat is ook weer gebeurd.
-
ComboFix 13-06-22.01 - mediamarkt 22/06/2013 17:25:59.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1798 [GMT 2:00] Gestart vanuit: c:\users\mediamarkt\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\mediamarkt\AppData\Roaming\.# c:\users\mediamarkt\AppData\Roaming\.#\MBX@1024@1C52908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1024@1C52938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1024@1C52968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1080@6F2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1080@6F2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1080@6F2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1160@1E12908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1160@1E12938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1160@1E12968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@118C@3E2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@118C@3E2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@118C@3E2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@11CC@1762908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@11CC@1762938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@11CC@1762968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@11E4@1CA2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@11E4@1CA2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@11E4@1CA2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1210@1E32908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1210@1E32938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1210@1E32968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@122C@AD2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@122C@AD2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@122C@AD2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1234@1DA2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1234@1DA2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1234@1DA2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@123C@392908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@123C@392938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@123C@392968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1298@242908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1298@242938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1298@242968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@12AC@1D22908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@12AC@1D22938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@12AC@1D22968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@12D0@1722908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@12D0@1722938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@12D0@1722968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1374@1D12908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1374@1D12938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1374@1D12968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@172908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@172938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@172968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@1C92908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@1C92938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@1C92968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13E8@1DD2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13E8@1DD2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13E8@1DD2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13F4@1CD2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13F4@1CD2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@13F4@1CD2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@14F8@3C2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@14F8@3C2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@14F8@3C2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1668@3B2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1668@3B2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@1668@3B2968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@5E0@1872908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@5E0@1872938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@5E0@1872968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@9CC@1762908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@9CC@1762938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@9CC@1762968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@B28@A92908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@B28@A92938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@B28@A92968.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@DF8@1AB2908.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@DF8@1AB2938.### c:\users\mediamarkt\AppData\Roaming\.#\MBX@DF8@1AB2968.### c:\users\mediamarkt\AppData\Roaming\Adobe\plugs c:\users\mediamarkt\AppData\Roaming\Adobe\plugs\mmc104.exe c:\users\mediamarkt\AppData\Roaming\Adobe\plugs\mmc2796442.txt c:\users\mediamarkt\AppData\Roaming\Adobe\plugs\mmc37.exe c:\users\mediamarkt\AppData\Roaming\Adobe\shed c:\users\mediamarkt\AppData\Roaming\Adobe\shed\thr1.chm c:\windows\iun6002.exe c:\windows\security\Database\tmp.edb c:\windows\system32\DEBUG.log c:\windows\wininit.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2013-05-22 to 2013-06-22 )))))))))))))))))))))))))))))) . . 2013-06-22 15:38 . 2013-06-22 15:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-22 13:34 . 2013-06-22 13:34 -------- d-----w- c:\program files\Microsoft Synchronization Services 2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft Sync Framework 2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2013-06-22 13:31 . 2013-06-22 13:31 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2013-06-22 13:29 . 2013-06-22 13:29 -------- d-----w- c:\program files\Microsoft Analysis Services 2013-06-22 11:06 . 2013-06-22 11:06 338 ----a-w- c:\windows\DeleteOnReboot.bat 2013-06-22 09:03 . 2013-05-28 13:05 163328 ------w- c:\windows\system32\FlashPlayerUpdateService.exe 2013-06-18 18:32 . 2013-06-18 18:32 -------- d-----w- c:\program files\CCleaner 2013-06-12 20:17 . 2013-06-12 20:17 -------- d-----w- c:\programdata\WindowsSearch 2013-06-12 15:27 . 2013-06-22 14:28 -------- d-----r- c:\users\mediamarkt\Dropbox 2013-06-12 15:25 . 2013-06-12 15:25 -------- d-----w- c:\program files\Dropbox 2013-06-12 15:22 . 2013-06-22 14:28 -------- d-----w- c:\users\mediamarkt\AppData\Roaming\Dropbox . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-07 18:25 . 2013-05-07 18:25 723230 ----a-w- c:\windows\unins000.exe 2013-04-21 19:57 . 2013-04-21 19:57 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-21 19:57 . 2013-04-21 19:57 691592 ------w- c:\windows\system32\FlashPlayerApp.exe 2013-04-11 01:18 . 2013-04-11 01:18 302368 ------w- c:\windows\system32\drivers\avgtdix.sys 2007-03-12 17:59 . 2007-03-12 17:59 299008 ----a-w- c:\program files\navigram_register.exe 2013-05-21 20:01 . 2011-08-27 14:04 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-10 10:42 . 2011-09-25 20:27 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-01-12 39408] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-05 270336] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-09-26 17353352] "Facebook Update"="c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-07 138096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-09-16 6266880] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-19 1348904] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-10 30192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2007-01-12 24576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-02-05 2056192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "Skytel"="Skytel.exe" [2008-09-16 1826816] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-05 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-05 92704] "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336] "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296] "CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736] "ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2012-06-27 86016] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . c:\users\mediamarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808] Facebook Messenger.lnk - c:\users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-10-14 776744] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-11-05 17:32 98304 ------w- c:\windows\System32\VESWinlogon.dll . R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2010-06-21 35712] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-18 18:29 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-06-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000Core.job - c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40] . 2013-06-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000UA.job - c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40] . 2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24] . 2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=hp&installDate=07/05/2013 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html Trusted Zone: plantyn.com\interactief TCP: DhcpNameServer = 195.130.130.3 195.130.131.3 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab FF - ProfilePath - c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\ FF - ExtSQL: 2013-05-07 20:25; lrcsTube@hansanddeta.com; c:\program files\LyricsTube\FF FF - ExtSQL: 2013-05-08 15:33; {a1cf6028-cc2f-4808-a0b4-e18f341316bc}; c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{a1cf6028-cc2f-4808-a0b4-e18f341316bc} FF - ExtSQL: !HIDDEN! 2009-09-02 19:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-06-22 17:38 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:0000007b . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2013-06-22 17:41:22 ComboFix-quarantined-files.txt 2013-06-22 15:41 . Pre-Run: 185.489.076.224 bytes beschikbaar Post-Run: 186.649.395.200 bytes beschikbaar . - - End Of File - - BC92DC1CCE15E79BD234511F5BB50A9B 5C616939100B85E558DA92B899A0FC36 Webbrowser opent nu wel vlot!
-
Dat is ook weer opgekuist... De reactietijd bij het openen van een webbrowser is nogal traag naar mijn mening, voor de rest lijkt alles vlotjes te draaien. Bedankt al!
-
# AdwCleaner v2.303 - Verslag gemaakt op 22/06/2013 om 13:05:28 # Geactualiseerd op 08/06/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruiker : mediamarkt - PC_VAN_MEDIAMAR # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\mediamarkt\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijderd : C:\user.js File Verwijderd : C:\Users\MEDIAM~1\AppData\Local\Temp\Uninstall.exe File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\BabMaint.exe File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\bProtector_extensions.rdf File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\plugin@yontoo.com.xpi File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\searchplugins\Babylon.xml File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\searchplugins\BrowserProtect.xml File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\searchplugins\Web Search.xml File Verwijderd : C:\Users\mediamarkt\Documents\eBay.lnk File Verwijderd : C:\Windows\system32\conduitEngine.tmp Map Verwijderd : C:\Program Files\Common Files\AVG Secure Search Map Verwijderd : C:\Program Files\Conduit Map Verwijderd : C:\Program Files\ConduitEngine Map Verwijderd : C:\Program Files\DealPly Map Verwijderd : C:\Program Files\Freecorder Map Verwijderd : C:\Program Files\Freecorder extension Map Verwijderd : C:\Program Files\Funmoods Map Verwijderd : C:\Program Files\Ilivid Map Verwijderd : C:\Program Files\Searchqu Toolbar Map Verwijderd : C:\Program Files\Yontoo Map Verwijderd : C:\ProgramData\AVG Security Toolbar Map Verwijderd : C:\ProgramData\Babylon Map Verwijderd : C:\ProgramData\boost_interprocess Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Map Verwijderd : C:\ProgramData\Tarma Installer Map Verwijderd : C:\Users\MEDIAM~1\AppData\Local\Temp\Smartbar Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Conduit Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Smartbar Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\BabylonToolbar Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Conduit Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\ConduitEngine Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Delta Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Freecorder Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Funmoods Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\PriceGong Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\searchquband Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Searchqutoolbar Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\BabSolution Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Babylon Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\DealPly Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\dvdvideosoftiehelpers Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\file scout Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Funmoods Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freecorder Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\ffxtlbr@babylon.com Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\ffxtlbr@funmoods.com Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\plugin@yontoo.com Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\staged Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\Searchqutoolbar Map Verwijderd : C:\Windows\Freecorder Verwijderd bij het opstarten : C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} Verwijderd bij het opstarten : C:\ProgramData\BrowserProtect Verwijderd bij het opstarten : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433} ***** [Register] ***** Sleutel Verwijderd : HKCU\Software\a53de8ae03ae541 Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\conduitEngine Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Freecorder Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\searchqutoolbar Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijderd : HKCU\Software\Ask&Record Sleutel Verwijderd : HKCU\Software\BabylonChromeExtension Sleutel Verwijderd : HKCU\Software\BrowserMngr Sleutel Verwijderd : HKCU\Software\Conduit Sleutel Verwijderd : HKCU\Software\DataMngr Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar Sleutel Verwijderd : HKCU\Software\DealPly Sleutel Verwijderd : HKCU\Software\delta LTD Sleutel Verwijderd : HKCU\Software\Freecorder Sleutel Verwijderd : HKCU\Software\Funmoods Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijderd : HKCU\Software\InstallCore Sleutel Verwijderd : HKCU\Software\Microsoft\Babylon Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder extension Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder Toolbar Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu Toolbar Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73908CE2-9FA3-4744-BD90-A4EBE8187D59} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods Sleutel Verwijderd : HKCU\Software\SmartBar Sleutel Verwijderd : HKCU\Software\SmartbarBackup Sleutel Verwijderd : HKCU\Software\SmartbarLog Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar Sleutel Verwijderd : HKLM\SOFTWARE\a53de8ae03ae541 Sleutel Verwijderd : HKLM\Software\Babylon Sleutel Verwijderd : HKLM\Software\BrowserMngr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42ae-A51E-B5750F160BFB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{73908CE2-9FA3-4744-BD90-A4EBE8187D59} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47bb-86A6-23F4F4F67342} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DnsBHO.BHO Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\f Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.dskBnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoodsApp.appCore Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.BHO Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193 Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHost.Tool Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT1060933 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\conduitEngine Sleutel Verwijderd : HKLM\Software\DataMngr Sleutel Verwijderd : HKLM\Software\DealPly Sleutel Verwijderd : HKLM\Software\Freecorder Sleutel Verwijderd : HKLM\Software\Funmoods Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{168BC93F-06BA-4D83-B975-59214CA2CF03} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC389546-5B8A-40A4-BE2A-DBEA6EC8C369} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBB8B7EF-42A9-4816-BB8E-DB48F4D6D7D0} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{73908CE2-9FA3-4744-BD90-A4EBE8187D59} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282 Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Sleutel Verwijderd : HKLM\Software\SearchquMediabarTb Sleutel Verwijderd : HKLM\Software\Tarma Installer Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Main [browserMngr Start Page] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}] Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.19088 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www2.delta-search.com/?affID=119520&tt=gc_&babsrc=NT_ss&mntrId=AE0C0022FB03225C --> hxxp://www.google.com -\\ Mozilla Firefox v6.0 (nl) File : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\prefs.js C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\user.js ... Verwijderd ! Verwijderd : user_pref("extensions.BabylonToolbar.admin", false); Verwijderd : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Verwijderd : user_pref("extensions.BabylonToolbar.autoRvrt", "false"); Verwijderd : user_pref("extensions.BabylonToolbar.babExt", ""); Verwijderd : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=120812_bandext_3312_5"); Verwijderd : user_pref("extensions.BabylonToolbar.babext", "babExt"); Verwijderd : user_pref("extensions.BabylonToolbar.babtrack", "babTrack"); Verwijderd : user_pref("extensions.BabylonToolbar.bbdpng", 0); Verwijderd : user_pref("extensions.BabylonToolbar.cntry", "BE"); Verwijderd : user_pref("extensions.BabylonToolbar.dfltlng", "en"); Verwijderd : user_pref("extensions.BabylonToolbar.dfltsrch", "false"); Verwijderd : user_pref("extensions.BabylonToolbar.envrmnt", "production"); Verwijderd : user_pref("extensions.BabylonToolbar.excTlbr", false); Verwijderd : user_pref("extensions.BabylonToolbar.hdrMd5", "A2D4B3011FA4648303ED7D7D902CA956"); Verwijderd : user_pref("extensions.BabylonToolbar.hmpg", true); Verwijderd : user_pref("extensions.BabylonToolbar.hrdid", "ae0cd6900000000000000022fb03225c"); Verwijderd : user_pref("extensions.BabylonToolbar.id", "ae0cd6900000000000000022fb03225c"); Verwijderd : user_pref("extensions.BabylonToolbar.instlday", "15566"); Verwijderd : user_pref("extensions.BabylonToolbar.instlref", "sst"); Verwijderd : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false"); Verwijderd : user_pref("extensions.BabylonToolbar.keywordurl", ""); Verwijderd : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.4.613:55:06"); Verwijderd : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.0"); Verwijderd : user_pref("extensions.BabylonToolbar.newTab", false); Verwijderd : user_pref("extensions.BabylonToolbar.newtab", "false"); Verwijderd : user_pref("extensions.BabylonToolbar.newtaburl", ""); Verwijderd : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Verwijderd : user_pref("extensions.BabylonToolbar.prtnrid", "babylon"); Verwijderd : user_pref("extensions.BabylonToolbar.sg", "tzb"); Verwijderd : user_pref("extensions.BabylonToolbar.smplGrp", "tzb"); Verwijderd : user_pref("extensions.BabylonToolbar.smplgrp", "tzb"); Verwijderd : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Verwijderd : user_pref("extensions.BabylonToolbar.srcext", "ss"); Verwijderd : user_pref("extensions.BabylonToolbar.srch", ""); Verwijderd : user_pref("extensions.BabylonToolbar.srchprvdr", ""); Verwijderd : user_pref("extensions.BabylonToolbar.tlbrid", "tb9"); Verwijderd : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); Verwijderd : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6"); Verwijderd : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.4.613:55:06"); Verwijderd : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6"); Verwijderd : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.4.613:55:06"); Verwijderd : user_pref("extensions.BabylonToolbar_i.babExt", ""); Verwijderd : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=120812_bandext_3312_5"); Verwijderd : user_pref("extensions.BabylonToolbar_i.newTab", false); Verwijderd : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Verwijderd : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Verwijderd : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.613:55:06"); Verwijderd : user_pref("extensions.delta.admin", false); Verwijderd : user_pref("extensions.delta.aflt", "babsst"); Verwijderd : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Verwijderd : user_pref("extensions.delta.autoRvrt", "false"); Verwijderd : user_pref("extensions.delta.babTrack", "affID=110819&tt=120812_bandext_3312_5"); Verwijderd : user_pref("extensions.delta.bbDpng", "22"); Verwijderd : user_pref("extensions.delta.cntry", "BE"); Verwijderd : user_pref("extensions.delta.dfltLng", "en"); Verwijderd : user_pref("extensions.delta.dfltSrch", false); Verwijderd : user_pref("extensions.delta.excTlbr", false); Verwijderd : user_pref("extensions.delta.ffxUnstlRst", true); Verwijderd : user_pref("extensions.delta.hdrMd5", "86CECF391770A2166772CA7ED5BA47A8"); Verwijderd : user_pref("extensions.delta.hmpg", false); Verwijderd : user_pref("extensions.delta.id", "ae0cd6900000000000000022fb03225c"); Verwijderd : user_pref("extensions.delta.instlDay", "15832"); Verwijderd : user_pref("extensions.delta.instlRef", "sst"); Verwijderd : user_pref("extensions.delta.lastVrsnTs", ""); Verwijderd : user_pref("extensions.delta.newTab", false); Verwijderd : user_pref("extensions.delta.noFFXTlbr", false); Verwijderd : user_pref("extensions.delta.prdct", "delta"); Verwijderd : user_pref("extensions.delta.prtnrId", "delta"); Verwijderd : user_pref("extensions.delta.rvrt", "false"); Verwijderd : user_pref("extensions.delta.sg", "czb"); Verwijderd : user_pref("extensions.delta.smplGrp", "none"); Verwijderd : user_pref("extensions.delta.tlbrId", "base"); Verwijderd : user_pref("extensions.delta.tlbrSrchUrl", ""); Verwijderd : user_pref("extensions.delta.vrsn", "1.8.16.16"); Verwijderd : user_pref("extensions.delta.vrsnTs", "1.8.16.1620:26:42"); Verwijderd : user_pref("extensions.delta.vrsni", "1.8.16.16"); Verwijderd : user_pref("extensions.enabledAddons", "addon@freecorder.com:7.0.0.13,ffxtlbr@funmoods.com:1.5.0,plug[...] Verwijderd : user_pref("extensions.funmoods.aflt", "orgnl"); Verwijderd : user_pref("extensions.funmoods.brwsrsrc", "ietlbr"); Verwijderd : user_pref("extensions.funmoods.cntry", "BE"); Verwijderd : user_pref("extensions.funmoods.cv", "cv5"); Verwijderd : user_pref("extensions.funmoods.dfltlng", "en"); Verwijderd : user_pref("extensions.funmoods.dfltsrch", "false"); Verwijderd : user_pref("extensions.funmoods.hdrMd5", ""); Verwijderd : user_pref("extensions.funmoods.hmpg", true); Verwijderd : user_pref("extensions.funmoods.hrdid", "0"); Verwijderd : user_pref("extensions.funmoods.id", ""); Verwijderd : user_pref("extensions.funmoods.instlday", ""); Verwijderd : user_pref("extensions.funmoods.instlref", ""); Verwijderd : user_pref("extensions.funmoods.isDcmntCmplt", false); Verwijderd : user_pref("extensions.funmoods.keywordurl", ""); Verwijderd : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.117:04:41"); Verwijderd : user_pref("extensions.funmoods.newTab", true); Verwijderd : user_pref("extensions.funmoods.newtab", true); Verwijderd : user_pref("extensions.funmoods.newtaburl", ""); Verwijderd : user_pref("extensions.funmoods.prdct", ""); Verwijderd : user_pref("extensions.funmoods.prtnrid", ""); Verwijderd : user_pref("extensions.funmoods.sg", "none"); Verwijderd : user_pref("extensions.funmoods.smplGrp", "none"); Verwijderd : user_pref("extensions.funmoods.smplgrp", "none"); Verwijderd : user_pref("extensions.funmoods.srch", ""); Verwijderd : user_pref("extensions.funmoods.srchprvdr", ""); Verwijderd : user_pref("extensions.funmoods.tlbrid", "base"); Verwijderd : user_pref("extensions.funmoods.tlbrsrchurl", ""); Verwijderd : user_pref("extensions.funmoods.vrsn", ""); Verwijderd : user_pref("extensions.funmoods.vrsnTs", "1.5.11.117:04:41"); Verwijderd : user_pref("extensions.funmoods.vrsnts", "1.5.11.117:04:41"); Verwijderd : user_pref("extensions.funmoods_i.aflt", "ironto"); Verwijderd : user_pref("extensions.funmoods_i.dfltLng", ""); Verwijderd : user_pref("extensions.funmoods_i.dfltSrch", true); Verwijderd : user_pref("extensions.funmoods_i.dnsErr", true); Verwijderd : user_pref("extensions.funmoods_i.excTlbr", false); Verwijderd : user_pref("extensions.funmoods_i.hmpg", true); Verwijderd : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ironto"); Verwijderd : user_pref("extensions.funmoods_i.id", "ae0cd6900000000000000022fb03225c"); Verwijderd : user_pref("extensions.funmoods_i.instlDay", "15354"); Verwijderd : user_pref("extensions.funmoods_i.instlRef", ""); Verwijderd : user_pref("extensions.funmoods_i.newTab", true); Verwijderd : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ironto"); Verwijderd : user_pref("extensions.funmoods_i.prdct", "funmoods"); Verwijderd : user_pref("extensions.funmoods_i.prtnrId", "funmoods"); Verwijderd : user_pref("extensions.funmoods_i.smplGrp", "none"); Verwijderd : user_pref("extensions.funmoods_i.srchPrvdr", "Search"); Verwijderd : user_pref("extensions.funmoods_i.tlbrId", "base"); Verwijderd : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ironto&q[...] Verwijderd : user_pref("extensions.funmoods_i.vrsn", "1.5.11.1"); Verwijderd : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.117:04:41"); Verwijderd : user_pref("extensions.funmoods_i.vrsni", "1.5.11.1"); Verwijderd : user_pref("extensions.helperbar.SmartbarDisabled", false); Verwijderd : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Verwijderd : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers"); Verwijderd : user_pref("extentions.y2layers.installId", "cf67d401-b963-43f9-91c7-4418b0ae44aa"); -\\ Google Chrome v27.0.1453.116 File : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [41001 octets] - [22/06/2013 13:05:28] ########## EOF - C:\AdwCleaner[s1].txt - [41062 octets] ########## Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 13:14:34, on 22/06/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19088) FIREFOX: 6.0 (nl) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\sony\ISB Utility\ISBMgr.exe C:\Program Files\sony\Marketing Tools\MarketingTools.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\System32\rundll32.exe C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files\CyberLink\Shared files\brs.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\ClamWin\bin\ClamTray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\sony\Network Utility\LANUtil.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\NOTEPAD.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Users\mediamarkt\Downloads\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Facebook Update] "C:\Users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Facebook Messenger.lnk = C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1120/Navigram.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 15921 bytes Dit zijn de logjes... er is vooruitgang merkbaar
-
Ik zou graag een laptop opschonen. Ik denk dat er heel wat malware verscholen zit. Wie kan mij hier mee helpen? Hier is alvast een HJT-logje. Bedankt! Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 11:31:43, on 22/06/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19088) FIREFOX: 6.0 (nl) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\sony\ISB Utility\ISBMgr.exe C:\Program Files\sony\Marketing Tools\MarketingTools.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Freecorder\FLVSrvc.exe C:\Windows\System32\rundll32.exe C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files\CyberLink\Shared files\brs.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe C:\Program Files\ClamWin\bin\ClamTray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\sony\Network Utility\LANUtil.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Users\mediamarkt\AppData\Local\Smartbar\Application\QuickShare.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\mediamarkt\Downloads\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ae0cd6900000000000000022fb03225c&tlver=1.4.19.19&affID=18606 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.1\bh\funmoods.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll O2 - BHO: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension\ScriptHost.dll O2 - BHO: LyricsTube - {B399EDE8-1525-458C-8DD9-31EADF632D06} - C:\Program Files\LyricsTube\lrcstube.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.1\funmoodsTlbr.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Facebook Update] "C:\Users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\mediamarkt\AppData\Local\Smartbar\Application\QuickShare.exe startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Facebook Messenger.lnk = C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1120/Navigram.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 20078 bytes
-
Verkenner blokkeert bij het kopiëren
Scweez reageerde op Scweez's topic in Archief Bestrijding malware & virussen
Is gebeurd. Tot nu toe geen problemen meer gehad. -
Verkenner blokkeert bij het kopiëren
Scweez reageerde op Scweez's topic in Archief Bestrijding malware & virussen
Ik heb ondertussen al 15 GB kunnen kopiëren naar een externe harde schijf zonder enig probleem. Windows verkenner reageert ook al wat vlugger. Ik denk dat de grootste problemen opgelost zijn. Heel erg bedankt! -
Verkenner blokkeert bij het kopiëren
Scweez reageerde op Scweez's topic in Archief Bestrijding malware & virussen
TDSSKiller heeft 2 maal een scan gedaan. De eerste keer waren er 3 threats. Dus ik post beide logjes. 17:00:49.0949 1524 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:00:50.0142 1524 ============================================================ 17:00:50.0143 1524 Current date / time: 2013/01/15 17:00:50.0142 17:00:50.0143 1524 SystemInfo: 17:00:50.0143 1524 17:00:50.0143 1524 OS Version: 6.0.6001 ServicePack: 1.0 17:00:50.0143 1524 Product type: Workstation 17:00:50.0143 1524 ComputerName: PC_VAN_SONY 17:00:50.0144 1524 UserName: Sony 17:00:50.0144 1524 Windows directory: C:\Windows 17:00:50.0144 1524 System windows directory: C:\Windows 17:00:50.0144 1524 Processor architecture: Intel x86 17:00:50.0144 1524 Number of processors: 2 17:00:50.0144 1524 Page size: 0x1000 17:00:50.0144 1524 Boot type: Normal boot 17:00:50.0144 1524 ============================================================ 17:00:51.0163 1524 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 17:00:51.0170 1524 ============================================================ 17:00:51.0170 1524 \Device\Harddisk0\DR0: 17:00:51.0187 1524 MBR partitions: 17:00:51.0187 1524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B54800, BlocksNum 0x1CD6682F 17:00:51.0187 1524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E8BB800, BlocksNum 0x1BACA000 17:00:51.0187 1524 ============================================================ 17:00:51.0251 1524 C: <-> \Device\Harddisk0\DR0\Partition1 17:00:51.0328 1524 D: <-> \Device\Harddisk0\DR0\Partition2 17:00:51.0329 1524 ============================================================ 17:00:51.0329 1524 Initialize success 17:00:51.0329 1524 ============================================================ 17:01:10.0291 5484 ============================================================ 17:01:10.0292 5484 Scan started 17:01:10.0292 5484 Mode: Manual; 17:01:10.0292 5484 ============================================================ 17:01:12.0374 5484 ================ Scan system memory ======================== 17:01:12.0375 5484 System memory - ok 17:01:12.0375 5484 ================ Scan services ============================= 17:01:12.0735 5484 [ 35F57598F0589FEB3C3ABC1621BF329F ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 17:01:12.0744 5484 ACDaemon - ok 17:01:13.0320 5484 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys 17:01:13.0354 5484 ACPI - ok 17:01:13.0446 5484 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 17:01:13.0476 5484 AdobeActiveFileMonitor6.0 - ok 17:01:13.0567 5484 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 17:01:13.0571 5484 AdobeARMservice - ok 17:01:13.0710 5484 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:01:13.0754 5484 AdobeFlashPlayerUpdateSvc - ok 17:01:13.0841 5484 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:01:13.0855 5484 adp94xx - ok 17:01:13.0910 5484 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:01:13.0921 5484 adpahci - ok 17:01:13.0954 5484 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 17:01:13.0976 5484 adpu160m - ok 17:01:14.0009 5484 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:01:14.0016 5484 adpu320 - ok 17:01:14.0058 5484 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:01:14.0060 5484 AeLookupSvc - ok 17:01:14.0122 5484 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys 17:01:14.0172 5484 AFD - ok 17:01:14.0231 5484 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:01:14.0254 5484 agp440 - ok 17:01:14.0309 5484 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 17:01:14.0315 5484 aic78xx - ok 17:01:14.0333 5484 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 17:01:14.0339 5484 ALG - ok 17:01:14.0365 5484 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 17:01:14.0369 5484 aliide - ok 17:01:14.0392 5484 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 17:01:14.0397 5484 amdagp - ok 17:01:14.0415 5484 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 17:01:14.0420 5484 amdide - ok 17:01:14.0456 5484 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 17:01:14.0461 5484 AmdK7 - ok 17:01:14.0475 5484 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:01:14.0497 5484 AmdK8 - ok 17:01:14.0552 5484 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 17:01:14.0559 5484 ApfiltrService - ok 17:01:14.0616 5484 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 17:01:14.0621 5484 Appinfo - ok 17:01:14.0769 5484 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:01:14.0785 5484 Apple Mobile Device - ok 17:01:14.0814 5484 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 17:01:14.0819 5484 arc - ok 17:01:14.0867 5484 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:01:14.0872 5484 arcsas - ok 17:01:14.0909 5484 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 17:01:14.0913 5484 ArcSoftKsUFilter - ok 17:01:15.0020 5484 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 17:01:15.0024 5484 aspnet_state - ok 17:01:15.0073 5484 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:01:15.0078 5484 AsyncMac - ok 17:01:15.0122 5484 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 17:01:15.0127 5484 atapi - ok 17:01:15.0216 5484 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 17:01:15.0240 5484 Ati External Event Utility - ok 17:01:15.0423 5484 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 17:01:15.0557 5484 atikmdag - ok 17:01:15.0640 5484 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:01:15.0667 5484 AudioEndpointBuilder - ok 17:01:15.0681 5484 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll 17:01:15.0687 5484 Audiosrv - ok 17:01:15.0808 5484 [ C4D15594DB5BE042D3346EA58DF87D89 ] avg9wd C:\Program Files\AVG\AVG9\avgwdsvc.exe 17:01:15.0814 5484 avg9wd - ok 17:01:15.0858 5484 [ A9F4D19DE72C738759330D10D35C4398 ] AvgLdx86 C:\Windows\System32\Drivers\avgldx86.sys 17:01:15.0867 5484 AvgLdx86 - ok 17:01:15.0908 5484 [ 80FF2B1B7EEDA966394F0BAA895BBF4B ] AvgMfx86 C:\Windows\System32\Drivers\avgmfx86.sys 17:01:15.0912 5484 AvgMfx86 - ok 17:01:15.0993 5484 [ 9A7A93388F503A34E7339AE7F9997449 ] AvgTdiX C:\Windows\System32\Drivers\avgtdix.sys 17:01:16.0016 5484 AvgTdiX - ok 17:01:16.0063 5484 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 17:01:16.0067 5484 Beep - ok 17:01:16.0134 5484 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll 17:01:16.0164 5484 BFE - ok 17:01:16.0227 5484 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll 17:01:16.0286 5484 BITS - ok 17:01:16.0326 5484 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:01:16.0332 5484 blbdrive - ok 17:01:16.0496 5484 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:01:16.0509 5484 Bonjour Service - ok 17:01:16.0563 5484 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:01:16.0570 5484 bowser - ok 17:01:16.0628 5484 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 17:01:16.0633 5484 BrFiltLo - ok 17:01:16.0657 5484 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 17:01:16.0661 5484 BrFiltUp - ok 17:01:16.0711 5484 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 17:01:16.0717 5484 Browser - ok 17:01:16.0745 5484 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 17:01:16.0752 5484 Brserid - ok 17:01:16.0779 5484 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 17:01:16.0784 5484 BrSerWdm - ok 17:01:16.0803 5484 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 17:01:16.0808 5484 BrUsbMdm - ok 17:01:16.0831 5484 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 17:01:16.0836 5484 BrUsbSer - ok 17:01:16.0912 5484 [ AE19CFBBBA41800F3D5343E21D2CA09F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 17:01:16.0928 5484 BthEnum - ok 17:01:16.0971 5484 [ 5FFA6988FF9597986FF2ADA736CC90C0 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:01:16.0976 5484 BTHMODEM - ok 17:01:16.0998 5484 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 17:01:17.0004 5484 BthPan - ok 17:01:17.0154 5484 [ 75F19DF0BC62992D05FDD8A32D968531 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 17:01:17.0183 5484 BTHPORT - ok 17:01:17.0226 5484 [ FC930B47A83F5F61DFADC64A0719DE43 ] BthServ C:\Windows\System32\bthserv.dll 17:01:17.0232 5484 BthServ - ok 17:01:17.0265 5484 [ 4CE2A25C5936BC515357D60FEE73F221 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 17:01:17.0270 5484 BTHUSB - ok 17:01:17.0328 5484 [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 17:01:17.0343 5484 btwaudio - ok 17:01:17.0386 5484 [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 17:01:17.0423 5484 btwavdt - ok 17:01:17.0526 5484 [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 17:01:17.0555 5484 btwdins - ok 17:01:17.0578 5484 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 17:01:17.0607 5484 btwl2cap - ok 17:01:17.0643 5484 [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 17:01:17.0647 5484 btwrchid - ok 17:01:17.0691 5484 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:01:17.0696 5484 cdfs - ok 17:01:17.0744 5484 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:01:17.0764 5484 cdrom - ok 17:01:17.0805 5484 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll 17:01:17.0822 5484 CertPropSvc - ok 17:01:17.0863 5484 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 17:01:17.0868 5484 circlass - ok 17:01:17.0899 5484 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys 17:01:17.0925 5484 CLFS - ok 17:01:17.0959 5484 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:01:17.0965 5484 clr_optimization_v2.0.50727_32 - ok 17:01:18.0108 5484 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:01:18.0152 5484 clr_optimization_v4.0.30319_32 - ok 17:01:18.0243 5484 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:01:18.0248 5484 CmBatt - ok 17:01:18.0265 5484 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:01:18.0270 5484 cmdide - ok 17:01:18.0296 5484 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:01:18.0325 5484 Compbatt - ok 17:01:18.0335 5484 COMSysApp - ok 17:01:18.0348 5484 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:01:18.0354 5484 crcdisk - ok 17:01:18.0380 5484 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 17:01:18.0384 5484 Crusoe - ok 17:01:18.0434 5484 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:01:18.0439 5484 CryptSvc - ok 17:01:18.0514 5484 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:01:18.0546 5484 DcomLaunch - ok 17:01:18.0598 5484 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:01:18.0624 5484 DfsC - ok 17:01:18.0792 5484 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe 17:01:18.0908 5484 DFSR - ok 17:01:18.0989 5484 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 17:01:18.0995 5484 dg_ssudbus - ok 17:01:19.0056 5484 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll 17:01:19.0069 5484 Dhcp - ok 17:01:19.0123 5484 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys 17:01:19.0156 5484 disk - ok 17:01:19.0201 5484 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 17:01:19.0205 5484 DMICall - ok 17:01:19.0251 5484 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:01:19.0258 5484 Dnscache - ok 17:01:19.0287 5484 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll 17:01:19.0296 5484 dot3svc - ok 17:01:19.0330 5484 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 17:01:19.0351 5484 DPS - ok 17:01:19.0431 5484 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:01:19.0435 5484 drmkaud - ok 17:01:19.0479 5484 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:01:19.0565 5484 DXGKrnl - ok 17:01:19.0583 5484 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 17:01:19.0591 5484 E1G60 - ok 17:01:19.0621 5484 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 17:01:19.0628 5484 EapHost - ok 17:01:19.0688 5484 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys 17:01:19.0695 5484 Ecache - ok 17:01:19.0801 5484 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:01:19.0813 5484 ehRecvr - ok 17:01:19.0840 5484 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 17:01:19.0847 5484 ehSched - ok 17:01:19.0861 5484 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 17:01:19.0866 5484 ehstart - ok 17:01:19.0947 5484 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:01:19.0960 5484 elxstor - ok 17:01:20.0053 5484 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll 17:01:20.0066 5484 EMDMgmt - ok 17:01:20.0093 5484 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:01:20.0098 5484 ErrDev - ok 17:01:20.0179 5484 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll 17:01:20.0200 5484 EventSystem - ok 17:01:20.0365 5484 [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 17:01:20.0591 5484 EvtEng - ok 17:01:20.0627 5484 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys 17:01:20.0634 5484 exfat - ok 17:01:20.0654 5484 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:01:20.0662 5484 fastfat - ok 17:01:20.0688 5484 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:01:20.0693 5484 fdc - ok 17:01:20.0733 5484 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 17:01:20.0759 5484 fdPHost - ok 17:01:20.0785 5484 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 17:01:20.0792 5484 FDResPub - ok 17:01:20.0812 5484 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:01:20.0817 5484 FileInfo - ok 17:01:20.0831 5484 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:01:20.0837 5484 Filetrace - ok 17:01:20.0918 5484 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 17:01:21.0021 5484 FLEXnet Licensing Service - ok 17:01:21.0071 5484 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:01:21.0076 5484 flpydisk - ok 17:01:21.0139 5484 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:01:21.0167 5484 FltMgr - ok 17:01:21.0234 5484 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 17:01:21.0237 5484 FontCache3.0.0.0 - ok 17:01:21.0255 5484 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:01:21.0259 5484 Fs_Rec - ok 17:01:21.0284 5484 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:01:21.0299 5484 gagp30kx - ok 17:01:21.0337 5484 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys 17:01:21.0360 5484 GEARAspiWDM - ok 17:01:21.0462 5484 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 17:01:21.0477 5484 GoogleDesktopManager-051210-111108 - ok 17:01:21.0524 5484 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll 17:01:21.0553 5484 gpsvc - ok 17:01:21.0615 5484 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 17:01:21.0640 5484 gupdate - ok 17:01:21.0649 5484 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 17:01:21.0652 5484 gupdatem - ok 17:01:21.0725 5484 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 17:01:21.0733 5484 gusvc - ok 17:01:21.0769 5484 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:01:21.0779 5484 HdAudAddService - ok 17:01:21.0803 5484 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:01:21.0808 5484 HDAudBus - ok 17:01:21.0827 5484 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:01:21.0831 5484 HidBth - ok 17:01:21.0846 5484 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 17:01:21.0850 5484 HidIr - ok 17:01:21.0895 5484 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll 17:01:21.0919 5484 hidserv - ok 17:01:21.0956 5484 [ E2B5BD48AFCC0F0974FB44641B223250 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:01:21.0961 5484 HidUsb - ok 17:01:21.0988 5484 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:01:21.0996 5484 hkmsvc - ok 17:01:22.0042 5484 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 17:01:22.0054 5484 HpCISSs - ok 17:01:22.0076 5484 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 17:01:22.0086 5484 HSFHWAZL - ok 17:01:22.0157 5484 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 17:01:22.0215 5484 HSF_DPV - ok 17:01:22.0238 5484 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 17:01:22.0263 5484 HSXHWAZL - ok 17:01:22.0323 5484 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:01:22.0346 5484 HTTP - ok 17:01:22.0384 5484 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 17:01:22.0388 5484 i2omp - ok 17:01:22.0431 5484 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:01:22.0436 5484 i8042prt - ok 17:01:22.0514 5484 [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 17:01:22.0519 5484 iaStor - ok 17:01:22.0573 5484 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 17:01:22.0597 5484 iaStorV - ok 17:01:22.0679 5484 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 17:01:22.0801 5484 IDriverT - ok 17:01:22.0967 5484 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:01:23.0023 5484 idsvc - ok 17:01:23.0082 5484 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:01:23.0087 5484 iirsp - ok 17:01:23.0148 5484 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll 17:01:23.0181 5484 IKEEXT - ok 17:01:23.0413 5484 [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 17:01:23.0711 5484 IntcAzAudAddService - ok 17:01:23.0754 5484 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 17:01:23.0764 5484 intelide - ok 17:01:23.0812 5484 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:01:23.0817 5484 intelppm - ok 17:01:23.0854 5484 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:01:23.0866 5484 IPBusEnum - ok 17:01:23.0886 5484 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:01:23.0910 5484 IpFilterDriver - ok 17:01:23.0964 5484 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:01:23.0997 5484 iphlpsvc - ok 17:01:24.0007 5484 IpInIp - ok 17:01:24.0043 5484 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 17:01:24.0059 5484 IPMIDRV - ok 17:01:24.0080 5484 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 17:01:24.0087 5484 IPNAT - ok 17:01:24.0181 5484 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:01:24.0267 5484 iPod Service - ok 17:01:24.0284 5484 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:01:24.0289 5484 IRENUM - ok 17:01:24.0321 5484 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:01:24.0337 5484 isapnp - ok 17:01:24.0380 5484 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 17:01:24.0388 5484 iScsiPrt - ok 17:01:24.0419 5484 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 17:01:24.0424 5484 iteatapi - ok 17:01:24.0442 5484 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 17:01:24.0446 5484 iteraid - ok 17:01:24.0475 5484 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 17:01:24.0493 5484 IviRegMgr - ok 17:01:24.0527 5484 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:01:24.0534 5484 kbdclass - ok 17:01:24.0570 5484 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:01:24.0576 5484 kbdhid - ok 17:01:24.0625 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe 17:01:24.0654 5484 KeyIso - ok 17:01:24.0700 5484 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:01:24.0744 5484 KSecDD - ok 17:01:24.0845 5484 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 17:01:24.0888 5484 KtmRm - ok 17:01:24.0953 5484 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:01:25.0008 5484 LanmanServer - ok 17:01:25.0057 5484 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:01:25.0072 5484 LanmanWorkstation - ok 17:01:25.0173 5484 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe 17:01:25.0396 5484 LinksysUpdater - ok 17:01:25.0452 5484 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:01:25.0469 5484 lltdio - ok 17:01:25.0510 5484 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:01:25.0537 5484 lltdsvc - ok 17:01:25.0572 5484 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:01:25.0580 5484 lmhosts - ok 17:01:25.0609 5484 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:01:25.0630 5484 LSI_FC - ok 17:01:25.0652 5484 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:01:25.0658 5484 LSI_SAS - ok 17:01:25.0672 5484 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:01:25.0679 5484 LSI_SCSI - ok 17:01:25.0714 5484 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 17:01:25.0741 5484 luafv - ok 17:01:25.0808 5484 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:01:25.0821 5484 Mcx2Svc - ok 17:01:25.0864 5484 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 17:01:25.0868 5484 mdmxsdk - ok 17:01:25.0934 5484 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 17:01:25.0939 5484 megasas - ok 17:01:25.0986 5484 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 17:01:26.0007 5484 MegaSR - ok 17:01:26.0045 5484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 17:01:26.0062 5484 MMCSS - ok 17:01:26.0108 5484 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 17:01:26.0128 5484 Modem - ok 17:01:26.0163 5484 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:01:26.0169 5484 monitor - ok 17:01:26.0192 5484 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:01:26.0196 5484 mouclass - ok 17:01:26.0216 5484 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:01:26.0220 5484 mouhid - ok 17:01:26.0246 5484 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 17:01:26.0251 5484 MountMgr - ok 17:01:26.0349 5484 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:01:26.0356 5484 MozillaMaintenance - ok 17:01:26.0399 5484 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 17:01:26.0413 5484 mpio - ok 17:01:26.0435 5484 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:01:26.0440 5484 mpsdrv - ok 17:01:26.0514 5484 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll 17:01:26.0536 5484 MpsSvc - ok 17:01:26.0550 5484 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 17:01:26.0554 5484 Mraid35x - ok 17:01:26.0583 5484 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:01:26.0590 5484 MRxDAV - ok 17:01:26.0638 5484 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:01:26.0683 5484 mrxsmb - ok 17:01:26.0763 5484 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:01:26.0777 5484 mrxsmb10 - ok 17:01:26.0825 5484 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:01:26.0841 5484 mrxsmb20 - ok 17:01:26.0881 5484 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 17:01:26.0886 5484 msahci - ok 17:01:26.0989 5484 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe 17:01:27.0091 5484 MSCSPTISRV - ok 17:01:27.0135 5484 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:01:27.0161 5484 msdsm - ok 17:01:27.0197 5484 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 17:01:27.0229 5484 MSDTC - ok 17:01:27.0277 5484 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:01:27.0285 5484 Msfs - ok 17:01:27.0310 5484 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:01:27.0315 5484 msisadrv - ok 17:01:27.0357 5484 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:01:27.0380 5484 MSiSCSI - ok 17:01:27.0391 5484 msiserver - ok 17:01:27.0466 5484 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:01:27.0470 5484 MSKSSRV - ok 17:01:27.0485 5484 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:01:27.0490 5484 MSPCLOCK - ok 17:01:27.0512 5484 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:01:27.0516 5484 MSPQM - ok 17:01:27.0547 5484 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:01:27.0555 5484 MsRPC - ok 17:01:27.0588 5484 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:01:27.0611 5484 mssmbios - ok 17:01:27.0621 5484 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:01:27.0627 5484 MSTEE - ok 17:01:27.0664 5484 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys 17:01:27.0669 5484 Mup - ok 17:01:27.0712 5484 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll 17:01:27.0729 5484 napagent - ok 17:01:27.0816 5484 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:01:27.0824 5484 NativeWifiP - ok 17:01:27.0871 5484 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:01:27.0900 5484 NDIS - ok 17:01:27.0924 5484 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:01:27.0928 5484 NdisTapi - ok 17:01:27.0941 5484 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:01:27.0946 5484 Ndisuio - ok 17:01:28.0002 5484 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:01:28.0009 5484 NdisWan - ok 17:01:28.0021 5484 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:01:28.0027 5484 NDProxy - ok 17:01:28.0049 5484 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:01:28.0054 5484 NetBIOS - ok 17:01:28.0073 5484 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 17:01:28.0082 5484 netbt - ok 17:01:28.0096 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe 17:01:28.0101 5484 Netlogon - ok 17:01:28.0173 5484 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 17:01:28.0203 5484 Netman - ok 17:01:28.0221 5484 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 17:01:28.0235 5484 netprofm - ok 17:01:28.0284 5484 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:01:28.0306 5484 NetTcpPortSharing - ok 17:01:28.0538 5484 [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys 17:01:28.0698 5484 NETw5v32 - ok 17:01:28.0740 5484 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:01:28.0761 5484 nfrd960 - ok 17:01:28.0791 5484 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:01:28.0798 5484 NlaSvc - ok 17:01:28.0855 5484 [ BF9E505065040D05F35F551A72100EF5 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE 17:01:28.0873 5484 nlsX86cc - ok 17:01:28.0972 5484 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe 17:01:29.0001 5484 nmservice - ok 17:01:29.0018 5484 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:01:29.0023 5484 Npfs - ok 17:01:29.0040 5484 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 17:01:29.0048 5484 nsi - ok 17:01:29.0085 5484 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:01:29.0111 5484 nsiproxy - ok 17:01:29.0228 5484 [ B30F5C423B45A6668EADAD883678E2D0 ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe 17:01:29.0403 5484 NSUService - ok 17:01:29.0475 5484 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:01:29.0519 5484 Ntfs - ok 17:01:29.0539 5484 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 17:01:29.0543 5484 ntrigdigi - ok 17:01:29.0559 5484 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 17:01:29.0564 5484 Null - ok 17:01:29.0583 5484 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:01:29.0590 5484 nvraid - ok 17:01:29.0617 5484 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:01:29.0623 5484 nvstor - ok 17:01:29.0637 5484 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:01:29.0689 5484 nv_agp - ok 17:01:29.0697 5484 NwlnkFlt - ok 17:01:29.0708 5484 NwlnkFwd - ok 17:01:29.0811 5484 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:01:29.0867 5484 odserv - ok 17:01:29.0910 5484 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 17:01:29.0915 5484 ohci1394 - ok 17:01:30.0025 5484 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:01:30.0045 5484 ose - ok 17:01:30.0115 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll 17:01:30.0144 5484 p2pimsvc - ok 17:01:30.0173 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll 17:01:30.0188 5484 p2psvc - ok 17:01:30.0230 5484 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe 17:01:30.0288 5484 PACSPTISVR - ok 17:01:30.0330 5484 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 17:01:30.0336 5484 Parport - ok 17:01:30.0357 5484 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:01:30.0362 5484 partmgr - ok 17:01:30.0381 5484 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 17:01:30.0408 5484 Parvdm - ok 17:01:30.0476 5484 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 17:01:30.0484 5484 PcaSvc - ok 17:01:30.0509 5484 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys 17:01:30.0517 5484 pci - ok 17:01:30.0533 5484 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 17:01:30.0537 5484 pciide - ok 17:01:30.0563 5484 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:01:30.0571 5484 pcmcia - ok 17:01:30.0623 5484 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys 17:01:30.0629 5484 pcouffin - ok 17:01:30.0680 5484 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:01:30.0723 5484 PEAUTH - ok 17:01:30.0869 5484 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 17:01:30.0935 5484 pla - ok 17:01:31.0008 5484 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:01:31.0031 5484 PlugPlay - ok 17:01:31.0064 5484 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys 17:01:31.0068 5484 pnarp - ok 17:01:31.0100 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 17:01:31.0116 5484 PNRPAutoReg - ok 17:01:31.0158 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll 17:01:31.0172 5484 PNRPsvc - ok 17:01:31.0213 5484 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:01:31.0234 5484 PolicyAgent - ok 17:01:31.0264 5484 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:01:31.0269 5484 PptpMiniport - ok 17:01:31.0295 5484 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 17:01:31.0301 5484 Processor - ok 17:01:31.0335 5484 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll 17:01:31.0347 5484 ProfSvc - ok 17:01:31.0368 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:01:31.0372 5484 ProtectedStorage - ok 17:01:31.0409 5484 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys 17:01:31.0414 5484 PSched - ok 17:01:31.0439 5484 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\Windows\system32\DRIVERS\purendis.sys 17:01:31.0443 5484 purendis - ok 17:01:31.0479 5484 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 17:01:31.0485 5484 PxHelp20 - ok 17:01:31.0627 5484 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:01:31.0671 5484 ql2300 - ok 17:01:31.0697 5484 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:01:31.0714 5484 ql40xx - ok 17:01:31.0787 5484 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 17:01:31.0816 5484 QWAVE - ok 17:01:31.0831 5484 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:01:31.0836 5484 QWAVEdrv - ok 17:01:31.0870 5484 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:01:31.0880 5484 RasAcd - ok 17:01:31.0900 5484 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 17:01:31.0911 5484 RasAuto - ok 17:01:31.0942 5484 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:01:31.0948 5484 Rasl2tp - ok 17:01:31.0999 5484 [ AFB474438762F0418060653F7294D92C ] RasMan C:\Windows\System32\rasmans.dll 17:01:32.0014 5484 RasMan - ok 17:01:32.0042 5484 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:01:32.0047 5484 RasPppoe - ok 17:01:32.0061 5484 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:01:32.0067 5484 RasSstp - ok 17:01:32.0097 5484 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:01:32.0112 5484 rdbss - ok 17:01:32.0149 5484 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:01:32.0154 5484 RDPCDD - ok 17:01:32.0193 5484 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 17:01:32.0223 5484 rdpdr - ok 17:01:32.0232 5484 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:01:32.0238 5484 RDPENCDD - ok 17:01:32.0279 5484 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:01:32.0300 5484 RDPWD - ok 17:01:32.0348 5484 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys 17:01:32.0352 5484 regi - ok 17:01:32.0451 5484 [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 17:01:32.0667 5484 RegSrvc - ok 17:01:32.0709 5484 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:01:32.0718 5484 RemoteAccess - ok 17:01:32.0757 5484 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:01:32.0778 5484 RemoteRegistry - ok 17:01:32.0807 5484 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:01:32.0816 5484 RFCOMM - ok 17:01:32.0838 5484 [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 17:01:32.0846 5484 rimsptsk - ok 17:01:32.0861 5484 [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys 17:01:32.0867 5484 risdptsk - ok 17:01:32.0900 5484 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 17:01:32.0908 5484 RpcLocator - ok 17:01:32.0947 5484 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll 17:01:32.0960 5484 RpcSs - ok 17:01:32.0984 5484 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:01:32.0989 5484 rspndr - ok 17:01:33.0051 5484 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys 17:01:33.0122 5484 RTHDMIAzAudService - ok 17:01:33.0158 5484 [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe 17:01:33.0240 5484 RtkAudioService - ok 17:01:33.0282 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe 17:01:33.0288 5484 SamSs - ok 17:01:33.0326 5484 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:01:33.0339 5484 sbp2port - ok 17:01:33.0398 5484 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:01:33.0409 5484 SCardSvr - ok 17:01:33.0503 5484 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll 17:01:33.0525 5484 Schedule - ok 17:01:33.0558 5484 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll 17:01:33.0561 5484 SCPolicySvc - ok 17:01:33.0615 5484 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 17:01:33.0621 5484 sdbus - ok 17:01:33.0638 5484 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:01:33.0660 5484 SDRSVC - ok 17:01:33.0676 5484 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:01:33.0681 5484 secdrv - ok 17:01:33.0713 5484 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 17:01:33.0722 5484 seclogon - ok 17:01:33.0756 5484 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 17:01:33.0765 5484 SENS - ok 17:01:33.0786 5484 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 17:01:33.0791 5484 Serenum - ok 17:01:33.0812 5484 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 17:01:33.0818 5484 Serial - ok 17:01:33.0854 5484 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:01:33.0868 5484 sermouse - ok 17:01:33.0916 5484 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 17:01:33.0940 5484 SessionEnv - ok 17:01:33.0976 5484 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 17:01:33.0991 5484 SFEP - ok 17:01:34.0011 5484 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:01:34.0016 5484 sffdisk - ok 17:01:34.0034 5484 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:01:34.0039 5484 sffp_mmc - ok 17:01:34.0061 5484 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:01:34.0066 5484 sffp_sd - ok 17:01:34.0092 5484 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 17:01:34.0103 5484 sfloppy - ok 17:01:34.0194 5484 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:01:34.0208 5484 SharedAccess - ok 17:01:34.0245 5484 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:01:34.0270 5484 ShellHWDetection - ok 17:01:34.0293 5484 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:01:34.0299 5484 sisagp - ok 17:01:34.0314 5484 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 17:01:34.0318 5484 SiSRaid2 - ok 17:01:34.0358 5484 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:01:34.0381 5484 SiSRaid4 - ok 17:01:34.0425 5484 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 17:01:34.0433 5484 SkypeUpdate - ok 17:01:34.0574 5484 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe 17:01:34.0672 5484 slsvc - ok 17:01:34.0704 5484 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll 17:01:34.0714 5484 SLUINotify - ok 17:01:34.0740 5484 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:01:34.0752 5484 Smb - ok 17:01:34.0808 5484 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:01:34.0817 5484 SNMPTRAP - ok 17:01:34.0854 5484 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe 17:01:34.0860 5484 SOHCImp - ok 17:01:34.0921 5484 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe 17:01:34.0933 5484 SOHDms - ok 17:01:34.0956 5484 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe 17:01:34.0959 5484 SOHDs - ok 17:01:34.0993 5484 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 17:01:35.0010 5484 spldr - ok 17:01:35.0091 5484 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe 17:01:35.0154 5484 Spooler - ok 17:01:35.0255 5484 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\Windows\system32\Drivers\sptd.sys 17:01:35.0338 5484 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9 17:01:35.0341 5484 sptd ( LockedFile.Multi.Generic ) - warning 17:01:35.0341 5484 sptd - detected LockedFile.Multi.Generic (1) 17:01:35.0402 5484 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe 17:01:35.0516 5484 SPTISRV - ok 17:01:35.0569 5484 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:01:35.0595 5484 srv - ok 17:01:35.0651 5484 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:01:35.0681 5484 srv2 - ok 17:01:35.0705 5484 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:01:35.0713 5484 srvnet - ok 17:01:35.0770 5484 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:01:35.0787 5484 SSDPSRV - ok 17:01:35.0823 5484 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:01:35.0835 5484 SstpSvc - ok 17:01:35.0900 5484 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 17:01:35.0909 5484 ssudmdm - ok 17:01:35.0951 5484 [ 84F8C797F357D1A53794A12B7CD36AC4 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys 17:01:35.0959 5484 ssudobex - ok 17:01:36.0020 5484 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll 17:01:36.0049 5484 stisvc - ok 17:01:36.0281 5484 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe 17:01:36.0337 5484 SupportSoft RemoteAssist - ok 17:01:36.0402 5484 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:01:36.0416 5484 swenum - ok 17:01:36.0483 5484 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll 17:01:36.0554 5484 swprv - ok 17:01:36.0572 5484 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 17:01:36.0577 5484 Symc8xx - ok 17:01:36.0618 5484 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 17:01:36.0623 5484 Sym_hi - ok 17:01:36.0637 5484 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 17:01:36.0645 5484 Sym_u3 - ok 17:01:36.0707 5484 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll 17:01:36.0744 5484 SysMain - ok 17:01:36.0769 5484 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:01:36.0781 5484 TabletInputService - ok 17:01:36.0807 5484 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll 17:01:36.0838 5484 TapiSrv - ok 17:01:36.0860 5484 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 17:01:36.0885 5484 TBS - ok 17:01:37.0040 5484 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:01:37.0083 5484 Tcpip - ok 17:01:37.0241 5484 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 17:01:37.0254 5484 Tcpip6 - ok 17:01:37.0304 5484 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:01:37.0309 5484 tcpipreg - ok 17:01:37.0331 5484 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:01:37.0336 5484 TDPIPE - ok 17:01:37.0360 5484 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:01:37.0375 5484 TDTCP - ok 17:01:37.0395 5484 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:01:37.0401 5484 tdx - ok 17:01:37.0414 5484 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:01:37.0419 5484 TermDD - ok 17:01:37.0482 5484 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll 17:01:37.0511 5484 TermService - ok 17:01:37.0538 5484 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll 17:01:37.0548 5484 Themes - ok 17:01:37.0574 5484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 17:01:37.0578 5484 THREADORDER - ok 17:01:37.0686 5484 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 17:01:37.0700 5484 TomTomHOMEService - ok 17:01:37.0729 5484 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 17:01:37.0747 5484 TrkWks - ok 17:01:37.0813 5484 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:01:37.0834 5484 TrustedInstaller - ok 17:01:37.0878 5484 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:01:37.0884 5484 tssecsrv - ok 17:01:37.0900 5484 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 17:01:37.0904 5484 tunmp - ok 17:01:37.0926 5484 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:01:37.0936 5484 tunnel - ok 17:01:37.0975 5484 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:01:37.0980 5484 uagp35 - ok 17:01:38.0036 5484 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 17:01:38.0042 5484 uCamMonitor - ok 17:01:38.0075 5484 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:01:38.0084 5484 udfs - ok 17:01:38.0116 5484 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:01:38.0136 5484 UI0Detect - ok 17:01:38.0146 5484 UIUSys - ok 17:01:38.0175 5484 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:01:38.0205 5484 uliagpkx - ok 17:01:38.0263 5484 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 17:01:38.0306 5484 uliahci - ok 17:01:38.0329 5484 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 17:01:38.0335 5484 UlSata - ok 17:01:38.0360 5484 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 17:01:38.0404 5484 ulsata2 - ok 17:01:38.0440 5484 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:01:38.0461 5484 umbus - ok 17:01:38.0499 5484 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 17:01:38.0522 5484 upnphost - ok 17:01:38.0568 5484 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 17:01:38.0589 5484 USBAAPL - ok 17:01:38.0649 5484 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:01:38.0657 5484 usbaudio - ok 17:01:38.0716 5484 [ A7CD5B4ADEA26765CAB06BDAB7B07B13 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:01:38.0723 5484 usbccgp - ok 17:01:38.0793 5484 [ 2825E0E294686A26506690059E1F437A ] USBCCID C:\Windows\system32\DRIVERS\usbccid.sys 17:01:38.0835 5484 USBCCID - ok 17:01:38.0861 5484 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:01:38.0882 5484 usbcir - ok 17:01:38.0916 5484 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:01:38.0932 5484 usbehci - ok 17:01:38.0991 5484 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:01:39.0000 5484 usbhub - ok 17:01:39.0017 5484 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:01:39.0022 5484 usbohci - ok 17:01:39.0054 5484 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:01:39.0059 5484 usbprint - ok 17:01:39.0088 5484 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:01:39.0093 5484 usbscan - ok 17:01:39.0163 5484 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:01:39.0169 5484 USBSTOR - ok 17:01:39.0215 5484 [ 40F95A3D6D50D82F947F1D167C2EC39D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:01:39.0233 5484 usbuhci - ok 17:01:39.0272 5484 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:01:39.0280 5484 usbvideo - ok 17:01:39.0300 5484 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll 17:01:39.0310 5484 UxSms - ok 17:01:39.0375 5484 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe 17:01:39.0384 5484 VAIO Event Service - ok 17:01:39.0485 5484 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 17:01:39.0552 5484 VAIO Power Management - ok 17:01:39.0632 5484 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 17:01:39.0800 5484 VCFw - ok 17:01:39.0858 5484 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 17:01:39.0871 5484 VcmIAlzMgr - ok 17:01:39.0914 5484 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe 17:01:39.0920 5484 VcmXmlIfHelper - ok 17:01:39.0956 5484 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe 17:01:39.0983 5484 vds - ok 17:01:40.0052 5484 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:01:40.0076 5484 vga - ok 17:01:40.0154 5484 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 17:01:40.0165 5484 VgaSave - ok 17:01:40.0207 5484 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 17:01:40.0212 5484 viaagp - ok 17:01:40.0259 5484 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 17:01:40.0265 5484 ViaC7 - ok 17:01:40.0312 5484 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 17:01:40.0316 5484 viaide - ok 17:01:40.0373 5484 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:01:40.0379 5484 volmgr - ok 17:01:40.0450 5484 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:01:40.0462 5484 volmgrx - ok 17:01:40.0524 5484 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:01:40.0553 5484 volsnap - ok 17:01:40.0585 5484 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:01:40.0592 5484 vsmraid - ok 17:01:40.0690 5484 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe 17:01:40.0733 5484 VSS - ok 17:01:40.0850 5484 [ 416F115DC1003BB624D03E019C3D563D ] VUAgent C:\Program Files\sony\VAIO Update\VUAgent.exe 17:01:41.0064 5484 VUAgent - ok 17:01:41.0160 5484 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll 17:01:41.0212 5484 W32Time - ok 17:01:41.0238 5484 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:01:41.0243 5484 WacomPen - ok 17:01:41.0261 5484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 17:01:41.0267 5484 Wanarp - ok 17:01:41.0275 5484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:01:41.0281 5484 Wanarpv6 - ok 17:01:41.0326 5484 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:01:41.0396 5484 wcncsvc - ok 17:01:41.0422 5484 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:01:41.0449 5484 WcsPlugInService - ok 17:01:41.0468 5484 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 17:01:41.0473 5484 Wd - ok 17:01:41.0503 5484 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:01:41.0547 5484 Wdf01000 - ok 17:01:41.0588 5484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:01:41.0597 5484 WdiServiceHost - ok 17:01:41.0605 5484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:01:41.0613 5484 WdiSystemHost - ok 17:01:41.0671 5484 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll 17:01:41.0693 5484 WebClient - ok 17:01:41.0769 5484 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:01:41.0784 5484 Wecsvc - ok 17:01:41.0813 5484 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:01:41.0838 5484 wercplsupport - ok 17:01:41.0882 5484 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll 17:01:41.0907 5484 WerSvc - ok 17:01:41.0965 5484 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 17:01:41.0973 5484 WimFltr - ok 17:01:42.0013 5484 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 17:01:42.0042 5484 winachsf - ok 17:01:42.0151 5484 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 17:01:42.0192 5484 WinDefend - ok 17:01:42.0206 5484 WinHttpAutoProxySvc - ok 17:01:42.0296 5484 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:01:42.0303 5484 Winmgmt - ok 17:01:42.0415 5484 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 17:01:42.0474 5484 WinRM - ok 17:01:42.0549 5484 [ F03110711B17AD31271CB2BAF0DBB2B1 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 17:01:42.0624 5484 WinUSB - ok 17:01:42.0687 5484 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:01:42.0732 5484 Wlansvc - ok 17:01:42.0882 5484 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:01:42.0953 5484 wlidsvc - ok 17:01:43.0031 5484 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:01:43.0036 5484 WmiAcpi - ok 17:01:43.0080 5484 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:01:43.0089 5484 wmiApSrv - ok 17:01:43.0255 5484 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 17:01:43.0285 5484 WMPNetworkSvc - ok 17:01:43.0333 5484 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:01:43.0347 5484 WPCSvc - ok 17:01:43.0380 5484 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:01:43.0401 5484 WPDBusEnum - ok 17:01:43.0477 5484 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 17:01:43.0498 5484 WpdUsb - ok 17:01:43.0749 5484 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:01:43.0771 5484 WPFFontCache_v0400 - ok 17:01:43.0801 5484 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:01:43.0815 5484 ws2ifsl - ok 17:01:43.0849 5484 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll 17:01:43.0856 5484 wscsvc - ok 17:01:43.0865 5484 WSearch - ok 17:01:43.0966 5484 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll 17:01:44.0051 5484 wuauserv - ok 17:01:44.0072 5484 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:01:44.0092 5484 WUDFRd - ok 17:01:44.0157 5484 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:01:44.0169 5484 wudfsvc - ok 17:01:44.0208 5484 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 17:01:44.0213 5484 XAudio - ok 17:01:44.0243 5484 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe 17:01:44.0256 5484 XAudioService - ok 17:01:44.0304 5484 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 17:01:44.0317 5484 yukonwlh - ok 17:01:44.0334 5484 ================ Scan global =============================== 17:01:44.0388 5484 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 17:01:44.0458 5484 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 17:01:44.0544 5484 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 17:01:44.0600 5484 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe 17:01:44.0610 5484 [Global] - ok 17:01:44.0611 5484 ================ Scan MBR ================================== 17:01:44.0631 5484 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 17:01:45.0147 5484 \Device\Harddisk0\DR0 - ok 17:01:45.0148 5484 ================ Scan VBR ================================== 17:01:45.0160 5484 [ 1A3AA288306F95FEB2E7805ED918330D ] \Device\Harddisk0\DR0\Partition1 17:01:45.0164 5484 \Device\Harddisk0\DR0\Partition1 - ok 17:01:45.0186 5484 [ B49B14357609F57B5C894195D663F0BF ] \Device\Harddisk0\DR0\Partition2 17:01:45.0225 5484 \Device\Harddisk0\DR0\Partition2 - ok 17:01:45.0226 5484 ============================================================ 17:01:45.0226 5484 Scan finished 17:01:45.0226 5484 ============================================================ 17:01:45.0247 6848 Detected object count: 1 17:01:45.0247 6848 Actual detected object count: 1 17:03:59.0824 6848 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine 17:03:59.0825 6848 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot 17:03:59.0871 6848 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted on reboot 17:03:59.0909 6848 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot 17:03:59.0909 6848 sptd ( LockedFile.Multi.Generic ) - User select action: Delete 17:04:09.0508 0940 Deinitialize success 17:12:03.0062 4288 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:12:03.0374 4288 ============================================================ 17:12:03.0374 4288 Current date / time: 2013/01/15 17:12:03.0374 17:12:03.0374 4288 SystemInfo: 17:12:03.0374 4288 17:12:03.0374 4288 OS Version: 6.0.6001 ServicePack: 1.0 17:12:03.0374 4288 Product type: Workstation 17:12:03.0374 4288 ComputerName: PC_VAN_SONY 17:12:03.0374 4288 UserName: Sony 17:12:03.0374 4288 Windows directory: C:\Windows 17:12:03.0374 4288 System windows directory: C:\Windows 17:12:03.0374 4288 Processor architecture: Intel x86 17:12:03.0374 4288 Number of processors: 2 17:12:03.0374 4288 Page size: 0x1000 17:12:03.0374 4288 Boot type: Normal boot 17:12:03.0374 4288 ============================================================ 17:12:10.0693 4288 BG loaded 17:12:12.0316 4288 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 17:12:12.0331 4288 ============================================================ 17:12:12.0331 4288 \Device\Harddisk0\DR0: 17:12:12.0347 4288 MBR partitions: 17:12:12.0347 4288 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B54800, BlocksNum 0x1CD6682F 17:12:12.0347 4288 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E8BB800, BlocksNum 0x1BACA000 17:12:12.0347 4288 ============================================================ 17:12:12.0440 4288 C: <-> \Device\Harddisk0\DR0\Partition1 17:12:12.0487 4288 D: <-> \Device\Harddisk0\DR0\Partition2 17:12:12.0487 4288 ============================================================ 17:12:12.0487 4288 Initialize success 17:12:12.0487 4288 ============================================================ 17:12:19.0882 4832 ============================================================ 17:12:19.0882 4832 Scan started 17:12:19.0882 4832 Mode: Manual; 17:12:19.0882 4832 ============================================================ 17:12:26.0237 4832 ================ Scan system memory ======================== 17:12:26.0237 4832 System memory - ok 17:12:26.0237 4832 ================ Scan services ============================= 17:12:26.0877 4832 [ 35F57598F0589FEB3C3ABC1621BF329F ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 17:12:26.0955 4832 ACDaemon - ok 17:12:27.0610 4832 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys 17:12:27.0610 4832 ACPI - ok 17:12:27.0938 4832 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 17:12:27.0938 4832 AdobeActiveFileMonitor6.0 - ok 17:12:28.0140 4832 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 17:12:53.0288 4832 AdobeARMservice - ok 17:12:53.0802 4832 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:12:53.0927 4832 AdobeFlashPlayerUpdateSvc - ok 17:12:54.0099 4832 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:12:54.0302 4832 adp94xx - ok 17:12:54.0489 4832 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:12:54.0614 4832 adpahci - ok 17:12:54.0645 4832 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 17:12:54.0707 4832 adpu160m - ok 17:12:54.0738 4832 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:12:54.0770 4832 adpu320 - ok 17:12:54.0848 4832 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:12:58.0436 4832 AeLookupSvc - ok 17:12:59.0091 4832 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys 17:12:59.0138 4832 AFD - ok 17:12:59.0231 4832 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:12:59.0356 4832 agp440 - ok 17:12:59.0730 4832 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 17:12:59.0871 4832 aic78xx - ok 17:12:59.0918 4832 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 17:12:59.0933 4832 ALG - ok 17:13:00.0011 4832 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 17:13:00.0058 4832 aliide - ok 17:13:00.0152 4832 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 17:13:00.0183 4832 amdagp - ok 17:13:00.0292 4832 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 17:13:00.0495 4832 amdide - ok 17:13:00.0651 4832 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 17:13:00.0807 4832 AmdK7 - ok 17:13:01.0056 4832 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:13:01.0259 4832 AmdK8 - ok 17:13:01.0540 4832 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 17:13:01.0540 4832 ApfiltrService - ok 17:13:01.0649 4832 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 17:13:01.0649 4832 Appinfo - ok 17:13:01.0836 4832 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:13:01.0899 4832 Apple Mobile Device - ok 17:13:01.0946 4832 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 17:13:01.0961 4832 arc - ok 17:13:02.0055 4832 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:13:02.0148 4832 arcsas - ok 17:13:02.0195 4832 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 17:13:02.0211 4832 ArcSoftKsUFilter - ok 17:13:02.0616 4832 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 17:13:02.0632 4832 aspnet_state - ok 17:13:02.0694 4832 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:13:02.0726 4832 AsyncMac - ok 17:13:02.0772 4832 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 17:13:02.0866 4832 atapi - ok 17:13:03.0194 4832 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 17:13:03.0209 4832 Ati External Event Utility - ok 17:13:04.0348 4832 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 17:13:04.0426 4832 atikmdag - ok 17:13:04.0722 4832 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:13:04.0722 4832 AudioEndpointBuilder - ok 17:13:04.0754 4832 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll 17:13:04.0754 4832 Audiosrv - ok 17:13:04.0988 4832 [ C4D15594DB5BE042D3346EA58DF87D89 ] avg9wd C:\Program Files\AVG\AVG9\avgwdsvc.exe 17:13:04.0988 4832 avg9wd - ok 17:13:05.0081 4832 [ A9F4D19DE72C738759330D10D35C4398 ] AvgLdx86 C:\Windows\System32\Drivers\avgldx86.sys 17:13:05.0081 4832 AvgLdx86 - ok 17:13:05.0159 4832 [ 80FF2B1B7EEDA966394F0BAA895BBF4B ] AvgMfx86 C:\Windows\System32\Drivers\avgmfx86.sys 17:13:05.0159 4832 AvgMfx86 - ok 17:13:05.0237 4832 [ 9A7A93388F503A34E7339AE7F9997449 ] AvgTdiX C:\Windows\System32\Drivers\avgtdix.sys 17:13:05.0237 4832 AvgTdiX - ok 17:13:05.0346 4832 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 17:13:05.0362 4832 Beep - ok 17:13:05.0487 4832 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll 17:13:05.0487 4832 BFE - ok 17:13:05.0612 4832 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll 17:13:05.0627 4832 BITS - ok 17:13:05.0674 4832 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:13:05.0690 4832 blbdrive - ok 17:13:05.0846 4832 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:13:05.0846 4832 Bonjour Service - ok 17:13:05.0924 4832 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:13:05.0924 4832 bowser - ok 17:13:06.0017 4832 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 17:13:06.0033 4832 BrFiltLo - ok 17:13:06.0095 4832 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 17:13:06.0111 4832 BrFiltUp - ok 17:13:06.0158 4832 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 17:13:06.0158 4832 Browser - ok 17:13:06.0236 4832 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 17:13:06.0267 4832 Brserid - ok 17:13:06.0314 4832 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 17:13:06.0329 4832 BrSerWdm - ok 17:13:06.0392 4832 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 17:13:06.0407 4832 BrUsbMdm - ok 17:13:06.0454 4832 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 17:13:06.0470 4832 BrUsbSer - ok 17:13:06.0548 4832 [ AE19CFBBBA41800F3D5343E21D2CA09F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 17:13:06.0579 4832 BthEnum - ok 17:13:06.0657 4832 [ 5FFA6988FF9597986FF2ADA736CC90C0 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:13:06.0688 4832 BTHMODEM - ok 17:13:06.0750 4832 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 17:13:06.0766 4832 BthPan - ok 17:13:06.0984 4832 [ 75F19DF0BC62992D05FDD8A32D968531 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 17:13:07.0125 4832 BTHPORT - ok 17:13:07.0296 4832 [ FC930B47A83F5F61DFADC64A0719DE43 ] BthServ C:\Windows\System32\bthserv.dll 17:13:07.0296 4832 BthServ - ok 17:13:07.0374 4832 [ 4CE2A25C5936BC515357D60FEE73F221 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 17:13:07.0374 4832 BTHUSB - ok 17:13:07.0562 4832 [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 17:13:07.0608 4832 btwaudio - ok 17:13:07.0702 4832 [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 17:13:07.0733 4832 btwavdt - ok 17:13:08.0045 4832 [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 17:13:08.0061 4832 btwdins - ok 17:13:08.0123 4832 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 17:13:08.0123 4832 btwl2cap - ok 17:13:08.0248 4832 [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 17:13:08.0248 4832 btwrchid - ok 17:13:08.0310 4832 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:13:08.0310 4832 cdfs - ok 17:13:08.0357 4832 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:13:08.0357 4832 cdrom - ok 17:13:08.0435 4832 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll 17:13:08.0435 4832 CertPropSvc - ok 17:13:08.0466 4832 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 17:13:08.0498 4832 circlass - ok 17:13:08.0560 4832 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys 17:13:08.0560 4832 CLFS - ok 17:13:08.0607 4832 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:13:08.0685 4832 clr_optimization_v2.0.50727_32 - ok 17:13:09.0075 4832 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:13:09.0262 4832 clr_optimization_v4.0.30319_32 - ok 17:13:09.0402 4832 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:13:09.0402 4832 CmBatt - ok 17:13:09.0449 4832 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:13:09.0449 4832 cmdide - ok 17:13:09.0512 4832 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:13:09.0543 4832 Compbatt - ok 17:13:09.0558 4832 COMSysApp - ok 17:13:09.0574 4832 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:13:09.0590 4832 crcdisk - ok 17:13:09.0621 4832 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 17:13:09.0636 4832 Crusoe - ok 17:13:09.0714 4832 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:13:09.0714 4832 CryptSvc - ok 17:13:09.0792 4832 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:13:09.0808 4832 DcomLaunch - ok 17:13:09.0855 4832 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:13:09.0855 4832 DfsC - ok 17:13:10.0058 4832 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe 17:13:10.0276 4832 DFSR - ok 17:13:10.0354 4832 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 17:13:10.0354 4832 dg_ssudbus - ok 17:13:10.0448 4832 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll 17:13:10.0448 4832 Dhcp - ok 17:13:10.0541 4832 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys 17:13:10.0541 4832 disk - ok 17:13:10.0604 4832 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 17:13:10.0604 4832 DMICall - ok 17:13:10.0666 4832 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:13:10.0682 4832 Dnscache - ok 17:13:10.0775 4832 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll 17:13:10.0791 4832 dot3svc - ok 17:13:10.0884 4832 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 17:13:10.0900 4832 DPS - ok 17:13:10.0962 4832 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:13:10.0978 4832 drmkaud - ok 17:13:11.0118 4832 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:13:11.0118 4832 DXGKrnl - ok 17:13:11.0196 4832 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 17:13:11.0274 4832 E1G60 - ok 17:13:11.0321 4832 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 17:13:11.0337 4832 EapHost - ok 17:13:11.0477 4832 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys 17:13:11.0524 4832 Ecache - ok 17:13:11.0789 4832 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:13:11.0805 4832 ehRecvr - ok 17:13:11.0867 4832 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 17:13:11.0867 4832 ehSched - ok 17:13:11.0914 4832 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 17:13:11.0914 4832 ehstart - ok 17:13:12.0008 4832 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:13:12.0179 4832 elxstor - ok 17:13:12.0288 4832 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll 17:13:12.0288 4832 EMDMgmt - ok 17:13:12.0351 4832 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:13:12.0398 4832 ErrDev - ok 17:13:12.0507 4832 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll 17:13:12.0507 4832 EventSystem - ok 17:13:12.0710 4832 [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 17:13:12.0725 4832 EvtEng - ok 17:13:12.0788 4832 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys 17:13:12.0819 4832 exfat - ok 17:13:12.0866 4832 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:13:12.0881 4832 fastfat - ok 17:13:12.0959 4832 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:13:12.0975 4832 fdc - ok 17:13:13.0006 4832 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 17:13:13.0006 4832 fdPHost - ok 17:13:13.0023 4832 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 17:13:13.0023 4832 FDResPub - ok 17:13:13.0085 4832 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:13:13.0101 4832 FileInfo - ok 17:13:13.0132 4832 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:13:13.0147 4832 Filetrace - ok 17:13:13.0288 4832 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 17:13:13.0537 4832 FLEXnet Licensing Service - ok 17:13:13.0584 4832 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:13:13.0584 4832 flpydisk - ok 17:13:13.0647 4832 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:13:13.0647 4832 FltMgr - ok 17:13:13.0740 4832 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 17:13:13.0740 4832 FontCache3.0.0.0 - ok 17:13:13.0771 4832 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:13:13.0771 4832 Fs_Rec - ok 17:13:13.0849 4832 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:13:13.0881 4832 gagp30kx - ok 17:13:13.0927 4832 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys 17:13:13.0927 4832 GEARAspiWDM - ok 17:13:14.0099 4832 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 17:13:14.0099 4832 GoogleDesktopManager-051210-111108 - ok 17:13:14.0177 4832 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll 17:13:14.0193 4832 gpsvc - ok 17:13:14.0271 4832 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 17:13:14.0271 4832 gupdate - ok 17:13:14.0286 4832 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 17:13:14.0302 4832 gupdatem - ok 17:13:14.0411 4832 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 17:13:14.0458 4832 gusvc - ok 17:13:14.0598 4832 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:13:14.0645 4832 HdAudAddService - ok 17:13:14.0692 4832 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:13:14.0692 4832 HDAudBus - ok 17:13:14.0723 4832 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:13:14.0739 4832 HidBth - ok 17:13:14.0801 4832 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 17:13:14.0801 4832 HidIr - ok 17:13:14.0879 4832 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll 17:13:14.0879 4832 hidserv - ok 17:13:14.0926 4832 [ E2B5BD48AFCC0F0974FB44641B223250 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:13:14.0926 4832 HidUsb - ok 17:13:14.0973 4832 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:13:14.0988 4832 hkmsvc - ok 17:13:15.0097 4832 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 17:13:15.0113 4832 HpCISSs - ok 17:13:15.0160 4832 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 17:13:15.0175 4832 HSFHWAZL - ok 17:13:15.0316 4832 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 17:13:15.0331 4832 HSF_DPV - ok 17:13:15.0394 4832 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 17:13:15.0394 4832 HSXHWAZL - ok 17:13:15.0487 4832 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:13:15.0487 4832 HTTP - ok 17:13:15.0534 4832 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 17:13:15.0550 4832 i2omp - ok 17:13:15.0643 4832 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:13:15.0659 4832 i8042prt - ok 17:13:15.0753 4832 [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 17:13:15.0753 4832 iaStor - ok 17:13:15.0784 4832 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 17:13:15.0877 4832 iaStorV - ok 17:13:16.0033 4832 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 17:13:16.0080 4832 IDriverT - ok 17:13:16.0189 4832 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:13:16.0314 4832 idsvc - ok 17:13:16.0361 4832 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:13:16.0361 4832 iirsp - ok 17:13:16.0455 4832 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll 17:13:16.0470 4832 IKEEXT - ok 17:13:16.0689 4832 [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 17:13:16.0767 4832 IntcAzAudAddService - ok 17:13:16.0829 4832 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 17:13:16.0829 4832 intelide - ok 17:13:16.0891 4832 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:13:16.0891 4832 intelppm - ok 17:13:16.0938 4832 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:13:16.0954 4832 IPBusEnum - ok 17:13:17.0063 4832 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:13:17.0079 4832 IpFilterDriver - ok 17:13:17.0157 4832 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:13:17.0157 4832 iphlpsvc - ok 17:13:17.0172 4832 IpInIp - ok 17:13:17.0203 4832 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 17:13:17.0219 4832 IPMIDRV - ok 17:13:17.0250 4832 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 17:13:17.0266 4832 IPNAT - ok 17:13:17.0391 4832 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:13:17.0453 4832 iPod Service - ok 17:13:17.0469 4832 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:13:17.0484 4832 IRENUM - ok 17:13:17.0515 4832 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:13:17.0531 4832 isapnp - ok 17:13:17.0593 4832 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 17:13:17.0609 4832 iScsiPrt - ok 17:13:17.0640 4832 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 17:13:17.0640 4832 iteatapi - ok 17:13:17.0703 4832 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 17:13:17.0718 4832 iteraid - ok 17:13:17.0749 4832 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 17:13:17.0749 4832 IviRegMgr - ok 17:13:17.0812 4832 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:13:17.0827 4832 kbdclass - ok 17:13:17.0859 4832 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:13:17.0859 4832 kbdhid - ok 17:13:17.0921 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe 17:13:17.0921 4832 KeyIso - ok 17:13:17.0968 4832 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:13:18.0030 4832 KSecDD - ok 17:13:18.0093 4832 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 17:13:18.0155 4832 KtmRm - ok 17:13:18.0217 4832 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:13:18.0217 4832 LanmanServer - ok 17:13:18.0311 4832 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:13:18.0311 4832 LanmanWorkstation - ok 17:13:19.0153 4832 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe 17:13:19.0153 4832 LinksysUpdater - ok 17:13:19.0372 4832 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:13:19.0372 4832 lltdio - ok 17:13:20.0994 4832 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:13:21.0057 4832 lltdsvc - ok 17:13:22.0882 4832 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:13:22.0882 4832 lmhosts - ok 17:13:24.0692 4832 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:13:24.0817 4832 LSI_FC - ok 17:13:29.0653 4832 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:13:29.0700 4832 LSI_SAS - ok 17:13:31.0447 4832 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:13:31.0510 4832 LSI_SCSI - ok 17:13:33.0210 4832 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 17:13:33.0210 4832 luafv - ok 17:13:34.0146 4832 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:13:34.0224 4832 Mcx2Svc - ok 17:13:34.0895 4832 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 17:13:34.0895 4832 mdmxsdk - ok 17:13:35.0316 4832 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 17:13:35.0316 4832 megasas - ok 17:13:35.0581 4832 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 17:13:35.0659 4832 MegaSR - ok 17:13:35.0831 4832 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 17:13:35.0831 4832 MMCSS - ok 17:13:36.0174 4832 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 17:13:36.0174 4832 Modem - ok 17:13:36.0408 4832 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:13:36.0408 4832 monitor - ok 17:13:36.0580 4832 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:13:36.0595 4832 mouclass - ok 17:13:36.0782 4832 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:13:36.0798 4832 mouhid - ok 17:13:36.0985 4832 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 17:13:36.0985 4832 MountMgr - ok 17:13:37.0328 4832 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:13:37.0360 4832 MozillaMaintenance - ok 17:13:37.0625 4832 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 17:13:37.0640 4832 mpio - ok 17:13:38.0717 4832 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:13:38.0717 4832 mpsdrv - ok 17:13:40.0152 4832 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll 17:13:40.0168 4832 MpsSvc - ok 17:13:41.0540 4832 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 17:13:41.0603 4832 Mraid35x - ok 17:13:41.0650 4832 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:13:41.0650 4832 MRxDAV - ok 17:13:41.0728 4832 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:13:41.0728 4832 mrxsmb - ok 17:13:41.0806 4832 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:13:41.0806 4832 mrxsmb10 - ok 17:13:42.0040 4832 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:13:42.0040 4832 mrxsmb20 - ok 17:13:42.0164 4832 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 17:13:42.0242 4832 msahci - ok 17:13:42.0648 4832 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe 17:13:42.0788 4832 MSCSPTISRV - ok 17:13:42.0835 4832 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:13:42.0898 4832 msdsm - ok 17:13:42.0960 4832 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 17:13:43.0085 4832 MSDTC - ok 17:13:43.0506 4832 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:13:43.0506 4832 Msfs - ok 17:13:43.0568 4832 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:13:43.0646 4832 msisadrv - ok 17:13:43.0771 4832 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:13:43.0849 4832 MSiSCSI - ok 17:13:43.0880 4832 msiserver - ok 17:13:44.0068 4832 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:13:44.0099 4832 MSKSSRV - ok 17:13:44.0270 4832 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:13:44.0395 4832 MSPCLOCK - ok 17:13:44.0816 4832 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:13:44.0863 4832 MSPQM - ok 17:13:44.0910 4832 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:13:45.0206 4832 MsRPC - ok 17:13:45.0238 4832 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:13:45.0238 4832 mssmbios - ok 17:13:45.0284 4832 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:13:45.0331 4832 MSTEE - ok 17:13:45.0362 4832 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys 17:13:45.0362 4832 Mup - ok 17:13:45.0487 4832 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll 17:13:45.0487 4832 napagent - ok 17:13:45.0550 4832 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:13:45.0550 4832 NativeWifiP - ok 17:13:45.0690 4832 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:13:45.0908 4832 NDIS - ok 17:13:45.0940 4832 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:13:45.0955 4832 NdisTapi - ok 17:13:46.0018 4832 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:13:46.0018 4832 Ndisuio - ok 17:13:46.0080 4832 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:13:46.0080 4832 NdisWan - ok 17:13:46.0111 4832 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:13:46.0111 4832 NDProxy - ok 17:13:46.0205 4832 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:13:46.0205 4832 NetBIOS - ok 17:13:46.0267 4832 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 17:13:46.0283 4832 netbt - ok 17:13:46.0314 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe 17:13:46.0314 4832 Netlogon - ok 17:13:46.0408 4832 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 17:13:46.0423 4832 Netman - ok 17:13:46.0501 4832 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 17:13:46.0517 4832 netprofm - ok 17:13:46.0564 4832 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:13:46.0610 4832 NetTcpPortSharing - ok 17:13:47.0000 4832 [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys 17:13:47.0110 4832 NETw5v32 - ok 17:13:47.0203 4832 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:13:47.0203 4832 nfrd960 - ok 17:13:47.0406 4832 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:13:47.0406 4832 NlaSvc - ok 17:13:47.0484 4832 [ BF9E505065040D05F35F551A72100EF5 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE 17:13:47.0500 4832 nlsX86cc - ok 17:13:47.0702 4832 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe 17:13:47.0718 4832 nmservice - ok 17:13:47.0749 4832 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:13:47.0765 4832 Npfs - ok 17:13:47.0812 4832 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 17:13:47.0827 4832 nsi - ok 17:13:47.0843 4832 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:13:47.0858 4832 nsiproxy - ok 17:13:48.0030 4832 [ B30F5C423B45A6668EADAD883678E2D0 ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe 17:13:48.0030 4832 NSUService - ok 17:13:48.0264 4832 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:13:48.0701 4832 Ntfs - ok 17:13:48.0779 4832 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 17:13:48.0779 4832 ntrigdigi - ok 17:13:48.0841 4832 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 17:13:48.0841 4832 Null - ok 17:13:48.0966 4832 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:13:48.0997 4832 nvraid - ok 17:13:49.0091 4832 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:13:49.0169 4832 nvstor - ok 17:13:49.0216 4832 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:13:49.0231 4832 nv_agp - ok 17:13:49.0278 4832 NwlnkFlt - ok 17:13:49.0294 4832 NwlnkFwd - ok 17:13:49.0496 4832 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:13:49.0652 4832 odserv - ok 17:13:49.0684 4832 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 17:13:49.0684 4832 ohci1394 - ok 17:13:49.0949 4832 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:13:50.0027 4832 ose - ok 17:13:50.0245 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll 17:13:50.0261 4832 p2pimsvc - ok 17:13:50.0666 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll 17:13:50.0682 4832 p2psvc - ok 17:13:50.0807 4832 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe 17:13:50.0838 4832 PACSPTISVR - ok 17:13:50.0916 4832 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 17:13:50.0916 4832 Parport - ok 17:13:50.0963 4832 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:13:50.0995 4832 partmgr - ok 17:13:51.0026 4832 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 17:13:51.0057 4832 Parvdm - ok 17:13:51.0182 4832 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 17:13:51.0182 4832 PcaSvc - ok 17:13:51.0245 4832 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys 17:13:51.0245 4832 pci - ok 17:13:51.0291 4832 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 17:13:51.0307 4832 pciide - ok 17:13:51.0338 4832 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:13:51.0494 4832 pcmcia - ok 17:13:51.0541 4832 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys 17:13:51.0666 4832 pcouffin - ok 17:13:51.0822 4832 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:13:51.0837 4832 PEAUTH - ok 17:13:52.0165 4832 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 17:13:52.0212 4832 pla - ok 17:13:52.0290 4832 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:13:52.0305 4832 PlugPlay - ok 17:13:52.0383 4832 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys 17:13:52.0383 4832 pnarp - ok 17:13:52.0586 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 17:13:52.0602 4832 PNRPAutoReg - ok 17:13:52.0758 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll 17:13:52.0758 4832 PNRPsvc - ok 17:13:52.0851 4832 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:13:52.0851 4832 PolicyAgent - ok 17:13:52.0992 4832 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:13:52.0992 4832 PptpMiniport - ok 17:13:53.0039 4832 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 17:13:53.0070 4832 Processor - ok 17:13:53.0132 4832 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll 17:13:53.0148 4832 ProfSvc - ok 17:13:53.0210 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:13:53.0226 4832 ProtectedStorage - ok 17:13:53.0257 4832 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys 17:13:53.0257 4832 PSched - ok 17:13:53.0319 4832 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\Windows\system32\DRIVERS\purendis.sys 17:13:53.0319 4832 purendis - ok 17:13:53.0382 4832 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 17:13:53.0413 4832 PxHelp20 - ok 17:13:53.0585 4832 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:13:53.0756 4832 ql2300 - ok 17:13:53.0834 4832 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:13:53.0850 4832 ql40xx - ok 17:13:53.0990 4832 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 17:13:54.0006 4832 QWAVE - ok 17:13:54.0053 4832 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:13:54.0053 4832 QWAVEdrv - ok 17:13:54.0100 4832 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:13:54.0116 4832 RasAcd - ok 17:13:54.0163 4832 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 17:13:54.0178 4832 RasAuto - ok 17:13:54.0210 4832 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:13:54.0210 4832 Rasl2tp - ok 17:13:54.0319 4832 [ AFB474438762F0418060653F7294D92C ] RasMan C:\Windows\System32\rasmans.dll 17:13:54.0319 4832 RasMan - ok 17:13:54.0366 4832 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:13:54.0490 4832 RasPppoe - ok 17:13:54.0537 4832 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:13:54.0553 4832 RasSstp - ok 17:13:54.0631 4832 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:13:54.0646 4832 rdbss - ok 17:13:54.0678 4832 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:13:54.0693 4832 RDPCDD - ok 17:13:54.0771 4832 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 17:13:54.0834 4832 rdpdr - ok 17:13:54.0865 4832 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:13:54.0865 4832 RDPENCDD - ok 17:13:55.0036 4832 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:13:55.0224 4832 RDPWD - ok 17:13:55.0458 4832 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys 17:13:55.0458 4832 regi - ok 17:13:56.0331 4832 [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 17:13:56.0331 4832 RegSrvc - ok 17:13:56.0440 4832 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:13:56.0456 4832 RemoteAccess - ok 17:13:56.0518 4832 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:13:56.0534 4832 RemoteRegistry - ok 17:13:56.0690 4832 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:13:56.0955 4832 RFCOMM - ok 17:13:57.0033 4832 [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 17:13:57.0986 4832 rimsptsk - ok 17:13:58.0048 4832 [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys 17:13:58.0064 4832 risdptsk - ok 17:13:58.0126 4832 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 17:13:58.0126 4832 RpcLocator - ok 17:13:58.0298 4832 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll 17:13:58.0313 4832 RpcSs - ok 17:13:58.0423 4832 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:13:58.0423 4832 rspndr - ok 17:13:58.0657 4832 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys 17:13:58.0703 4832 RTHDMIAzAudService - ok 17:13:58.0828 4832 [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe 17:13:58.0828 4832 RtkAudioService - ok 17:13:58.0906 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe 17:13:58.0906 4832 SamSs - ok 17:13:59.0015 4832 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:13:59.0078 4832 sbp2port - ok 17:13:59.0218 4832 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:13:59.0234 4832 SCardSvr - ok 17:13:59.0437 4832 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll 17:13:59.0452 4832 Schedule - ok 17:13:59.0515 4832 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll 17:13:59.0515 4832 SCPolicySvc - ok 17:13:59.0686 4832 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 17:13:59.0764 4832 sdbus - ok 17:13:59.0811 4832 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:13:59.0827 4832 SDRSVC - ok 17:14:00.0014 4832 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:14:00.0014 4832 secdrv - ok 17:14:00.0123 4832 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 17:14:00.0123 4832 seclogon - ok 17:14:00.0154 4832 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 17:14:00.0154 4832 SENS - ok 17:14:00.0201 4832 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 17:14:00.0232 4832 Serenum - ok 17:14:00.0295 4832 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 17:14:00.0310 4832 Serial - ok 17:14:00.0373 4832 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:14:00.0404 4832 sermouse - ok 17:14:00.0513 4832 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 17:14:00.0513 4832 SessionEnv - ok 17:14:00.0638 4832 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 17:14:00.0685 4832 SFEP - ok 17:14:00.0747 4832 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:14:00.0778 4832 sffdisk - ok 17:14:00.0903 4832 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:14:00.0934 4832 sffp_mmc - ok 17:14:00.0965 4832 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:14:01.0043 4832 sffp_sd - ok 17:14:01.0059 4832 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 17:14:01.0199 4832 sfloppy - ok 17:14:01.0309 4832 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:14:01.0340 4832 SharedAccess - ok 17:14:01.0496 4832 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:14:01.0511 4832 ShellHWDetection - ok 17:14:01.0558 4832 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:14:01.0621 4832 sisagp - ok 17:14:01.0667 4832 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 17:14:01.0667 4832 SiSRaid2 - ok 17:14:01.0714 4832 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:14:01.0730 4832 SiSRaid4 - ok 17:14:01.0855 4832 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 17:14:01.0855 4832 SkypeUpdate - ok 17:14:02.0057 4832 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe 17:14:02.0104 4832 slsvc - ok 17:14:02.0151 4832 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll 17:14:02.0167 4832 SLUINotify - ok 17:14:02.0182 4832 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:14:02.0198 4832 Smb - ok 17:14:02.0229 4832 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:14:02.0229 4832 SNMPTRAP - ok 17:14:02.0276 4832 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe 17:14:02.0276 4832 SOHCImp - ok 17:14:02.0338 4832 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe 17:14:02.0354 4832 SOHDms - ok 17:14:02.0369 4832 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe 17:14:02.0369 4832 SOHDs - ok 17:14:02.0401 4832 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 17:14:02.0416 4832 spldr - ok 17:14:02.0479 4832 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe 17:14:02.0494 4832 Spooler - ok 17:14:02.0572 4832 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe 17:14:02.0650 4832 SPTISRV - ok 17:14:02.0853 4832 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:14:02.0853 4832 srv - ok 17:14:03.0025 4832 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:14:03.0025 4832 srv2 - ok 17:14:03.0227 4832 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:14:03.0227 4832 srvnet - ok 17:14:03.0305 4832 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:14:03.0321 4832 SSDPSRV - ok 17:14:03.0368 4832 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:14:03.0383 4832 SstpSvc - ok 17:14:03.0477 4832 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 17:14:03.0524 4832 ssudmdm - ok 17:14:03.0649 4832 [ 84F8C797F357D1A53794A12B7CD36AC4 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys 17:14:03.0976 4832 ssudobex - ok 17:14:04.0117 4832 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll 17:14:04.0132 4832 stisvc - ok 17:14:04.0663 4832 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe 17:14:04.0663 4832 SupportSoft RemoteAssist - ok 17:14:04.0709 4832 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:14:04.0709 4832 swenum - ok 17:14:04.0756 4832 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll 17:14:04.0772 4832 swprv - ok 17:14:04.0803 4832 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 17:14:04.0819 4832 Symc8xx - ok 17:14:04.0865 4832 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 17:14:04.0881 4832 Sym_hi - ok 17:14:04.0928 4832 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 17:14:04.0959 4832 Sym_u3 - ok 17:14:05.0006 4832 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll 17:14:05.0021 4832 SysMain - ok 17:14:05.0084 4832 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:14:05.0084 4832 TabletInputService - ok 17:14:05.0146 4832 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll 17:14:05.0146 4832 TapiSrv - ok 17:14:05.0209 4832 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 17:14:05.0224 4832 TBS - ok 17:14:05.0411 4832 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:14:05.0427 4832 Tcpip - ok 17:14:05.0567 4832 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 17:14:05.0583 4832 Tcpip6 - ok 17:14:05.0630 4832 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:14:05.0630 4832 tcpipreg - ok 17:14:05.0661 4832 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:14:05.0661 4832 TDPIPE - ok 17:14:05.0708 4832 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:14:05.0739 4832 TDTCP - ok 17:14:05.0770 4832 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:14:05.0770 4832 tdx - ok 17:14:05.0926 4832 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:14:05.0957 4832 TermDD - ok 17:14:06.0067 4832 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll 17:14:06.0067 4832 TermService - ok 17:14:06.0129 4832 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll 17:14:06.0129 4832 Themes - ok 17:14:06.0301 4832 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 17:14:06.0301 4832 THREADORDER - ok 17:14:06.0441 4832 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 17:14:06.0441 4832 TomTomHOMEService - ok 17:14:06.0503 4832 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 17:14:06.0519 4832 TrkWks - ok 17:14:06.0628 4832 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:14:06.0628 4832 TrustedInstaller - ok 17:14:06.0691 4832 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:14:06.0722 4832 tssecsrv - ok 17:14:06.0753 4832 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 17:14:06.0753 4832 tunmp - ok 17:14:06.0784 4832 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:14:06.0831 4832 tunnel - ok 17:14:06.0878 4832 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:14:06.0925 4832 uagp35 - ok 17:14:07.0003 4832 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 17:14:07.0003 4832 uCamMonitor - ok 17:14:07.0143 4832 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:14:07.0315 4832 udfs - ok 17:14:07.0377 4832 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:14:07.0393 4832 UI0Detect - ok 17:14:07.0408 4832 UIUSys - ok 17:14:07.0455 4832 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:14:07.0471 4832 uliagpkx - ok 17:14:07.0533 4832 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 17:14:07.0580 4832 uliahci - ok 17:14:07.0627 4832 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 17:14:07.0658 4832 UlSata - ok 17:14:07.0689 4832 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 17:14:07.0720 4832 ulsata2 - ok 17:14:07.0767 4832 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:14:07.0767 4832 umbus - ok 17:14:07.0814 4832 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 17:14:07.0829 4832 upnphost - ok 17:14:07.0954 4832 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 17:14:07.0954 4832 USBAAPL - ok 17:14:08.0063 4832 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:14:08.0079 4832 usbaudio - ok 17:14:08.0126 4832 [ A7CD5B4ADEA26765CAB06BDAB7B07B13 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:14:08.0126 4832 usbccgp - ok 17:14:08.0204 4832 [ 2825E0E294686A26506690059E1F437A ] USBCCID C:\Windows\system32\DRIVERS\usbccid.sys 17:14:08.0282 4832 USBCCID - ok 17:14:08.0329 4832 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:14:08.0329 4832 usbcir - ok 17:14:08.0375 4832 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:14:08.0391 4832 usbehci - ok 17:14:08.0453 4832 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:14:08.0453 4832 usbhub - ok 17:14:08.0485 4832 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:14:08.0500 4832 usbohci - ok 17:14:08.0547 4832 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:14:08.0563 4832 usbprint - ok 17:14:08.0625 4832 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:14:08.0656 4832 usbscan - ok 17:14:08.0719 4832 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:14:08.0719 4832 USBSTOR - ok 17:14:08.0765 4832 [ 40F95A3D6D50D82F947F1D167C2EC39D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:14:08.0765 4832 usbuhci - ok 17:14:08.0812 4832 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:14:08.0812 4832 usbvideo - ok 17:14:08.0843 4832 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll 17:14:08.0859 4832 UxSms - ok 17:14:08.0906 4832 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe 17:14:08.0921 4832 VAIO Event Service - ok 17:14:08.0999 4832 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 17:14:09.0031 4832 VAIO Power Management - ok 17:14:09.0140 4832 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 17:14:09.0140 4832 VCFw - ok 17:14:09.0202 4832 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 17:14:09.0218 4832 VcmIAlzMgr - ok 17:14:09.0265 4832 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe 17:14:09.0280 4832 VcmXmlIfHelper - ok 17:14:09.0343 4832 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe 17:14:09.0343 4832 vds - ok 17:14:09.0389 4832 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:14:09.0405 4832 vga - ok 17:14:09.0452 4832 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 17:14:09.0452 4832 VgaSave - ok 17:14:09.0467 4832 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 17:14:09.0483 4832 viaagp - ok 17:14:09.0514 4832 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 17:14:09.0545 4832 ViaC7 - ok 17:14:09.0577 4832 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 17:14:09.0592 4832 viaide - ok 17:14:09.0608 4832 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:14:09.0623 4832 volmgr - ok 17:14:09.0670 4832 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:14:09.0701 4832 volmgrx - ok 17:14:09.0779 4832 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:14:09.0795 4832 volsnap - ok 17:14:09.0842 4832 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:14:09.0857 4832 vsmraid - ok 17:14:09.0967 4832 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe 17:14:09.0998 4832 VSS - ok 17:14:10.0247 4832 [ 416F115DC1003BB624D03E019C3D563D ] VUAgent C:\Program Files\sony\VAIO Update\VUAgent.exe 17:14:10.0263 4832 VUAgent - ok 17:14:10.0372 4832 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll 17:14:10.0372 4832 W32Time - ok 17:14:10.0419 4832 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:14:10.0497 4832 WacomPen - ok 17:14:10.0544 4832 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 17:14:10.0544 4832 Wanarp - ok 17:14:10.0559 4832 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:14:10.0559 4832 Wanarpv6 - ok 17:14:10.0622 4832 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:14:10.0637 4832 wcncsvc - ok 17:14:10.0653 4832 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:14:10.0669 4832 WcsPlugInService - ok 17:14:10.0700 4832 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 17:14:10.0715 4832 Wd - ok 17:14:10.0762 4832 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:14:10.0809 4832 Wdf01000 - ok 17:14:10.0856 4832 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:14:10.0871 4832 WdiServiceHost - ok 17:14:10.0887 4832 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:14:10.0887 4832 WdiSystemHost - ok 17:14:11.0199 4832 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll 17:14:11.0199 4832 WebClient - ok 17:14:11.0386 4832 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:14:11.0386 4832 Wecsvc - ok 17:14:11.0542 4832 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:14:11.0542 4832 wercplsupport - ok 17:14:11.0620 4832 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll 17:14:11.0636 4832 WerSvc - ok 17:14:11.0729 4832 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 17:14:11.0792 4832 WimFltr - ok 17:14:12.0041 4832 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 17:14:12.0057 4832 winachsf - ok 17:14:12.0509 4832 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 17:14:12.0525 4832 WinDefend - ok 17:14:12.0525 4832 WinHttpAutoProxySvc - ok 17:14:13.0102 4832 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:14:13.0102 4832 Winmgmt - ok 17:14:13.0601 4832 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 17:14:13.0633 4832 WinRM - ok 17:14:13.0757 4832 [ F03110711B17AD31271CB2BAF0DBB2B1 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 17:14:13.0789 4832 WinUSB - ok 17:14:14.0023 4832 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:14:14.0038 4832 Wlansvc - ok 17:14:14.0771 4832 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:14:14.0787 4832 wlidsvc - ok 17:14:14.0912 4832 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:14:14.0912 4832 WmiAcpi - ok 17:14:15.0099 4832 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:14:15.0161 4832 wmiApSrv - ok 17:14:15.0692 4832 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 17:14:15.0707 4832 WMPNetworkSvc - ok 17:14:15.0832 4832 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:14:15.0848 4832 WPCSvc - ok 17:14:15.0988 4832 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:14:15.0988 4832 WPDBusEnum - ok 17:14:16.0269 4832 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 17:14:16.0348 4832 WpdUsb - ok 17:14:16.0722 4832 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:14:16.0738 4832 WPFFontCache_v0400 - ok 17:14:16.0800 4832 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:14:16.0832 4832 ws2ifsl - ok 17:14:16.0910 4832 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll 17:14:16.0925 4832 wscsvc - ok 17:14:16.0925 4832 WSearch - ok 17:14:17.0378 4832 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll 17:14:17.0409 4832 wuauserv - ok 17:14:17.0502 4832 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:14:17.0502 4832 WUDFRd - ok 17:14:17.0580 4832 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:14:17.0580 4832 wudfsvc - ok 17:14:17.0658 4832 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 17:14:17.0658 4832 XAudio - ok 17:14:17.0768 4832 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe 17:14:17.0768 4832 XAudioService - ok 17:14:17.0970 4832 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 17:14:17.0970 4832 yukonwlh - ok 17:14:18.0017 4832 ================ Scan global =============================== 17:14:18.0111 4832 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 17:14:18.0282 4832 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 17:14:18.0360 4832 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 17:14:18.0579 4832 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe 17:14:18.0594 4832 [Global] - ok 17:14:18.0594 4832 ================ Scan MBR ================================== 17:14:18.0657 4832 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 17:14:20.0811 4832 \Device\Harddisk0\DR0 - ok 17:14:20.0826 4832 ================ Scan VBR ================================== 17:14:20.0873 4832 [ 1A3AA288306F95FEB2E7805ED918330D ] \Device\Harddisk0\DR0\Partition1 17:14:20.0873 4832 \Device\Harddisk0\DR0\Partition1 - ok 17:14:20.0904 4832 [ B49B14357609F57B5C894195D663F0BF ] \Device\Harddisk0\DR0\Partition2 17:14:20.0951 4832 \Device\Harddisk0\DR0\Partition2 - ok 17:14:20.0951 4832 ============================================================ 17:14:20.0951 4832 Scan finished 17:14:20.0951 4832 ============================================================ 17:14:20.0967 4756 Detected object count: 0 17:14:20.0967 4756 Actual detected object count: 0 17:20:13.0193 3244 Deinitialize success -
Verkenner blokkeert bij het kopiëren
Scweez reageerde op Scweez's topic in Archief Bestrijding malware & virussen
Sorry voor de late reactie maar het was een heel avontuur om de voorgaande instructies uit te voeren. Deze laptop heeft na iedere muisklik 5 minuten nodig om te reageren. Maar er is al heel wat opgeruimd, hier zijn de logjes: Malwarebytes Anti-Malware 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.01.14.09 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 8.0.6001.19088 Sony :: PC_VAN_SONY [administrator] 14/01/2013 19:40:55 mbam-log-2013-01-14 (19-40-55).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 238266 Verstreken tijd: 22 minuut/minuten, 40 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 9 HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 16 C:\Users\Sony\AppData\Local\Temp\~TM47FA.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TM48A6.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TM517C.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TM6C0.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TM7486.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TM94B3.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TMA511.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TMB68.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TMC1D5.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TMECCA.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\~TMF652.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\Temp1_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\Temp2_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\Temp3_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Local\Temp\Temp4_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Sony\AppData\Roaming\igxpgd32.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:28:16, on 14/01/2013 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\sony\Marketing Tools\MarketingTools.exe C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe C:\Program Files\sony\ISB Utility\ISBMgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\sony\VAIO Media plus\VMpTtray.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\sony\Network Utility\LANUtil.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\Samsung\Kies\KiesAirMessage.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\System32\wsqmcons.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe InitApp O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [VMpTtray.exe] C:\Program Files\sony\VAIO Media plus\VMpTtray.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Audio Filter.lnk = C:\Program Files\sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe O4 - User Startup: Dropbox.lnk = Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - User Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\Users\Sony\DOCUME~1\School\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VUAgent - Sony Corporation - C:\Program Files\sony\VAIO Update\VUAgent.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 16723 bytes
