Scweez
-
Items
69 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Scweez
-
-
De gevolgde stappen in jouw link verwijzen mij naar de herstelpunten. Ik vind geen instelling die automatische back-ups uitschakelt.
Ik heb nog geen kopie gemaakt naar een gegevensdrager, misschien een ideetje voor de toekomst. Maar mijn C-schijf heeft een capaciteit van +/- 51 GB. Daarvan zijn 18 GB foto's en documenten. Door wat wordt de rest gebruikt? Het besturingssysteem en de weinige programma's die ik heb zouden dan 30 GB in beslag nemen. Vind ik vreemd. Maar ik zal dan wel foto's overzetten naar een USB-stickje.
Bedankt.
-
Ik heb jouw link gezien, zo heb ik de herstelpunten verwijderd behalve de meest recente.
Op mijn C-schijf staan enkel foto's en documenten van in totaal 19 GB. Ik heb geen muziek of films.
-
Ik zie enkel in het back-upcentrum dat Windows automatisch herstelpunten aanmaakt en opslaat op de C-schijf.
Neemt dit zoveel ruimte in beslag? En hoe kan ik dit verwijderen?Edit:
Ik heb het inmiddels gevonden via Schijfopruiming. Nu heb ik 3 GB vrije ruimte wat nog altijd veel te weinig is.
-
Ik heb CCleaner meermaals laten analyseren en schoonmaken maar nog niet meer schijfruimte, integendeel...
-
Snelheid is in orde. Maar wat kan ik doen aan mijn schijfruimte? Nu heb ik ineens nog maar 1,5 GB over en er is helemaal niets geïnstalleerd. Ik heb een screenshot toegevoegd in bijlage.
-
In bijlage het logbestand van AdwCleaner. Wat ik raar vind is dat ik maar 2 GB schijfruimte over heb op mijn C-schijf terwijl ik maar 18 GB aan foto"s heb en voor de rest geen zware programma's heb geïnstalleerd.
-
-
Hallo
Kan iemand mij helpen met opschonen van deze laptop? Sinds kort laden de internetpagina's heel traag etc.
Ik heb een HJT-logje gemaakt:
Logfile of random's system information tool 1.10 (written by random/random)Run by Mark at 2014-12-26 12:14:03Microsoft® Windows Vista™ Home PremiumSystem drive C: has 623 MB (1%) free of 52 GBTotal RAM: 1790 MB (31% free)Logfile of Trend Micro HijackThis v2.0.4Scan saved at 12:14:07, on 26/12/2014Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16982)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Windows\RtHDVCpl.exeC:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exeC:\Acer\Empowering Technology\eAudio\eAudio.exeC:\Users\Mark\AppData\Local\Temp\RtkBtMnt.exeC:\Program Files\Launch Manager\LManager.exeC:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exeC:\Program Files\Apoint2K\Apoint.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\System32\rundll32.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\IncrediMail\Bin\IncMail.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\Windows\ehome\ehmsas.exeC:\Acer\Empowering Technology\ENET\ENMTRAY.EXEC:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXEC:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEC:\Program Files\Apoint2K\ApMsgFwd.exeC:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEC:\Program Files\Apoint2K\Apntex.exeC:\Program Files\IncrediMail\Bin\ImApp.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Users\Mark\Downloads\HijackThis.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchFilterHost.exeC:\Users\Mark\Downloads\RSIT.exeC:\Program Files\trend micro\Mark.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/?a=19en4j0IgVNR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllR3 - URLSearchHook: IncrediMail MediaBar Nederlands 2 Toolbar - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dllO1 - Hosts: ::1 localhostO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dllO2 - BHO: IncrediMail MediaBar Nederlands 2 - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dllO3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: IncrediMail MediaBar Nederlands 2 Toolbar - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeO4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmdO4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exeO4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"O4 - HKLM\..\Run: [skytel] Skytel.exeO4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exeO4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exeO4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exeO4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exeO4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /cO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEO4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exeO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dllO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exeO23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exeO23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exeO23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeO23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exeO23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exeO23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe--End of file - 9547 bytes======Scheduled tasks folder======C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /cC:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324e44-4b0a-47a9-8f77-9c6415e51c29}]IncrediMail MediaBar Nederlands 2 Toolbar - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll [2014-09-23 423744][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-03 194504][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-10 1001936][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]{95324e44-4b0a-47a9-8f77-9c6415e51c29} - IncrediMail MediaBar Nederlands 2 Toolbar - C:\Users\Mark\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2\prxtbInc2.dll [2014-09-23 423744]{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-03 194504][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-07-27 1006264]"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-06-11 1286144]"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]"SetPanel"=C:\Acer\APanel\APanel.cmd []"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-08-15 772616]"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2007-05-24 206952]"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]"PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208]"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-06-06 159744]"eRecoveryService"= []"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe []"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2012-06-29 1232896]"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2012-07-04 366536]"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-07-21 39408]C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupEmpowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exeC:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupOneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list][HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]"vidc.mrle"=msrle32.dll"vidc.msvc"=msvidc32.dll"msacm.imaadpcm"=imaadp32.acm"msacm.msg711"=msg711.acm"msacm.msgsm610"=msgsm32.acm"msacm.msadpcm"=msadp32.acm"midimapper"=midimap.dll"wavemapper"=msacm32.drv"VIDC.UYVY"=msyuv.dll"VIDC.YUY2"=msyuv.dll"VIDC.YVYU"=msyuv.dll"VIDC.IYUV"=iyuv_32.dll"vidc.i420"=iyuv_32.dll"VIDC.YVU9"=tsbyuv.dll"msacm.l3acm"=C:\Windows\System32\l3codeca.acm"vidc.cvid"=iccvid.dll"msacm.mkdmp3enc"=C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM"MSVideo8"=VfWWDM32.dll"wave"=wdmaud.drv"midi"=wdmaud.drv"mixer"=wdmaud.drv"aux"=wdmaud.drv======List of files/folders created in the last 1 month======2014-12-26 12:14:04 ----D---- C:\Program Files\trend micro2014-12-26 12:14:03 ----D---- C:\rsit======List of files/folders modified in the last 1 month======2014-12-26 12:14:06 ----D---- C:\Windows\Prefetch2014-12-26 12:14:04 ----RD---- C:\Program Files2014-12-26 12:13:56 ----D---- C:\Windows\Temp2014-12-26 12:11:06 ----D---- C:\Windows\System322014-12-26 12:11:06 ----A---- C:\Windows\system32\PerfStringBackup.INI2014-12-26 12:11:05 ----D---- C:\Windows\inf2014-12-25 12:15:09 ----SHD---- C:\System Volume Information2014-12-10 19:39:09 ----SHD---- C:\Windows\Installer2014-12-10 19:39:04 ----D---- C:\ProgramData\Microsoft Help2014-12-10 19:22:28 ----D---- C:\Windows\system32\MRT2014-12-10 19:21:42 ----A---- C:\Windows\system32\mrt.exe2014-12-10 19:19:23 ----D---- C:\Windows\system32\catroot22014-12-10 19:11:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-05-17 12672]R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-05-17 8192]R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-14 154624]R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-18 737280]R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-05-17 985600]R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-05-17 207360]R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-18 1841312]R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-27 6144]R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-07-16 1062304]R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7606688]R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-05-17 12032]R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-07-27 82432]R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-02 1749376]R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-05-17 659968]S1 MpKsl078a845b;MpKsl078a845b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{871E2A72-64E6-4878-9405-A533E77D5963}\MpKsl078a845b.sys []S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248]R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576]R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 203296]R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-23 266343]R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-14 167936]R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-05-17 386560]S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27 107912]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27 107912]S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-01 194032]S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]-----------------EOF-----------------Alvast bedankt en prettige feesten! -
======List of files/folders created in the last 1 month======
2013-10-16 13:08:33 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-10-14 18:26:33 ----D---- C:\rsit
2013-10-14 18:26:33 ----D---- C:\Program Files\trend micro
2013-10-13 11:15:27 ----SHD---- C:\Config.Msi
2013-10-13 11:11:27 ----A---- C:\Windows\system32\comctl32.dll
2013-10-13 11:11:26 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-13 11:11:20 ----A---- C:\Windows\system32\shell32.dll
2013-10-13 11:11:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-10-13 11:11:15 ----A---- C:\Windows\system32\twinui.dll
2013-10-13 11:11:14 ----A---- C:\Windows\SYSWOW64\twinui.dll
2013-10-13 11:11:14 ----A---- C:\Windows\SYSWOW64\msctf.dll
2013-10-13 11:11:14 ----A---- C:\Windows\system32\msctf.dll
2013-10-13 11:11:14 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-13 11:11:02 ----A---- C:\Windows\system32\SettingSync.dll
2013-10-13 11:11:02 ----A---- C:\Windows\system32\authui.dll
2013-10-13 11:11:01 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2013-10-13 11:11:01 ----A---- C:\Windows\SYSWOW64\mbsmsapi.dll
2013-10-13 11:11:01 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-10-13 11:11:01 ----A---- C:\Windows\system32\shdocvw.dll
2013-10-13 11:11:01 ----A---- C:\Windows\system32\mbsmsapi.dll
2013-10-13 11:11:00 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-10-13 11:11:00 ----A---- C:\Windows\system32\SettingSyncInfo.dll
2013-10-13 11:10:52 ----A---- C:\Windows\SYSWOW64\wvc.dll
2013-10-13 11:10:52 ----A---- C:\Windows\SYSWOW64\wdc.dll
2013-10-13 11:10:52 ----A---- C:\Windows\system32\wvc.dll
2013-10-13 11:10:52 ----A---- C:\Windows\system32\wdc.dll
2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-13 11:10:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-13 11:10:49 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-13 11:10:48 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-13 11:10:48 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-13 11:10:48 ----A---- C:\Windows\system32\UXInit.dll
2013-10-13 11:10:48 ----A---- C:\Windows\system32\urlmon.dll
2013-10-13 11:10:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-13 11:10:47 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-13 11:10:47 ----A---- C:\Windows\system32\iesetup.dll
2013-10-13 11:10:47 ----A---- C:\Windows\system32\iernonce.dll
2013-10-13 11:10:47 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-13 11:10:46 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-13 11:10:45 ----A---- C:\Windows\system32\uxtheme.dll
2013-10-13 11:10:45 ----A---- C:\Windows\system32\jscript.dll
2013-10-13 11:10:45 ----A---- C:\Windows\system32\ieframe.dll
2013-10-13 11:10:44 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-13 11:10:43 ----A---- C:\Windows\system32\wininet.dll
2013-10-13 11:10:43 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-13 11:10:40 ----A---- C:\Windows\system32\mshtml.dll
2013-10-13 11:10:33 ----A---- C:\Windows\system32\jscript9.dll
2013-10-13 11:10:31 ----A---- C:\Windows\system32\iertutil.dll
2013-10-13 11:10:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-13 11:10:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-13 11:10:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-13 11:10:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-13 11:10:01 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-10-13 11:10:01 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-13 11:10:00 ----A---- C:\Windows\system32\drivers\usbprint.sys
2013-10-13 11:10:00 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-13 11:10:00 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-13 11:09:52 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-13 11:09:52 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-13 11:09:52 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-10-13 11:09:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-13 11:09:50 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-13 11:09:50 ----A---- C:\Windows\system32\atmlib.dll
2013-10-13 11:09:50 ----A---- C:\Windows\system32\atmfd.dll
2013-10-13 11:09:49 ----A---- C:\Windows\system32\win32k.sys
2013-10-13 11:09:45 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-13 11:09:45 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-13 11:09:44 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-13 11:09:40 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 11:09:40 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 11:09:35 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2013-10-13 11:09:35 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2013-10-13 11:09:35 ----A---- C:\Windows\system32\drivers\UCX01000.SYS
2013-10-10 21:49:14 ----A---- C:\Windows\system32\bootdelete.exe
2013-10-10 21:04:04 ----D---- C:\ProgramData\HitmanPro
2013-10-10 21:03:23 ----D---- C:\Users\Kenny\AppData\Roaming\Malwarebytes
2013-10-10 21:03:06 ----D---- C:\ProgramData\Malwarebytes
2013-10-10 21:03:04 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-10 21:03:03 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 19:19:07 ----D---- C:\Program Files (x86)\GoldWave
2013-09-18 10:53:57 ----A---- C:\Windows\system32\tssdisai.dll
======List of files/folders modified in the last 1 month======
2013-10-16 15:11:22 ----D---- C:\Windows\Temp
2013-10-16 15:00:35 ----D---- C:\ProgramData\MOCP
2013-10-16 15:00:00 ----D---- C:\Windows\system32\sru
2013-10-16 14:35:47 ----D---- C:\Windows\system32\config
2013-10-16 14:33:44 ----D---- C:\Windows\Microsoft.NET
2013-10-16 14:25:03 ----D---- C:\Windows\Prefetch
2013-10-16 13:55:51 ----D---- C:\Windows\AUInstallAgent
2013-10-16 13:55:40 ----HD---- C:\Program Files\WindowsApps
2013-10-16 13:14:05 ----D---- C:\Windows\System32
2013-10-16 13:14:05 ----D---- C:\Windows\Inf
2013-10-16 13:14:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-16 13:11:44 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-15 19:27:08 ----RD---- C:\Windows\assembly
2013-10-15 19:22:09 ----D---- C:\Windows\system32\MRT
2013-10-15 19:18:21 ----A---- C:\Windows\system32\MRT.exe
2013-10-15 19:18:15 ----D---- C:\Windows\CbsTemp
2013-10-15 19:18:07 ----D---- C:\Windows\apppatch
2013-10-15 19:18:00 ----D---- C:\Windows\WinSxS
2013-10-14 18:26:33 ----RD---- C:\Program Files
2013-10-14 18:25:36 ----D---- C:\Program Files (x86)\AutocompletePro
2013-10-14 18:25:36 ----D---- C:\Program Files (x86)\Ask.com
2013-10-14 18:08:19 ----D---- C:\Windows\SysWOW64
2013-10-14 18:06:19 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-14 18:06:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-13 15:29:08 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-13 15:29:05 ----D---- C:\Program Files\Internet Explorer
2013-10-13 15:29:02 ----D---- C:\Windows\system32\Drivers
2013-10-13 15:28:52 ----RD---- C:\Windows\ToastData
2013-10-13 15:28:46 ----D---- C:\Windows\system32\DriverStore
2013-10-13 15:26:50 ----D---- C:\Users\Kenny\AppData\Roaming\uTorrent
2013-10-13 14:20:38 ----D---- C:\Users\Kenny\AppData\Roaming\vlc
2013-10-13 12:37:17 ----SHD---- C:\System Volume Information
2013-10-13 12:03:29 ----D---- C:\Windows\system32\catroot2
2013-10-13 11:21:11 ----SHD---- C:\Windows\Installer
2013-10-13 11:21:10 ----D---- C:\ProgramData\Microsoft Help
2013-10-10 22:57:54 ----D---- C:\Windows
2013-10-10 22:57:53 ----D---- C:\Windows\Tasks
2013-10-10 22:57:48 ----D---- C:\Windows\system32\Tasks
2013-10-10 22:57:44 ----D---- C:\Windows\system32\CodeIntegrity
2013-10-10 22:51:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-10 22:51:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-10 22:43:21 ----D---- C:\Windows\system32\wbem
2013-10-10 22:43:21 ----D---- C:\Windows\registration
2013-10-10 22:43:02 ----D---- C:\Users\Kenny\AppData\Roaming\Adobe
2013-10-10 22:41:45 ----D---- C:\ProgramData\Adobe
2013-10-10 22:41:07 ----RHD---- C:\MSOCache
2013-10-10 22:41:07 ----D---- C:\Program Files (x86)\Common Files
2013-10-10 22:41:07 ----D---- C:\Program Files (x86)\Adobe
2013-10-10 21:04:04 ----HD---- C:\ProgramData
2013-10-10 21:03:03 ----RD---- C:\Program Files (x86)
2013-10-10 21:00:26 ----D---- C:\Windows\Logs
2013-10-09 15:10:57 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-10-02 03:38:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-26 16:24:35 ----D---- C:\Program Files (x86)\McAfee
2013-09-26 08:43:27 ----D---- C:\Program Files\Common Files\mcafee
2013-09-19 16:39:25 ----D---- C:\Update
2013-09-18 16:22:48 ----D---- C:\ProgramData\Sony Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-09-20 425192]
R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 77040]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 361200]
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-10-11 562392]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 102640]
R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 71920]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 374512]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-09-20 465128]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-23 645952]
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-09-20 100072]
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-08-08 776168]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-08 343568]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 93936]
R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 17136]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 83696]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2013-06-17 997632]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2013-01-10 91880]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys [2012-07-26 234224]
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 52464]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2013-03-02 69864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 217328]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2013-05-04 284416]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2013-08-01 2233688]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 83184]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 378608]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2013-06-01 327936]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys [2012-11-06 560640]
R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]
R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys [2012-07-26 29696]
R1 Beep;Beep; C:\Windows\system32\drivers\Beep.sys [2012-07-26 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys [2012-07-26 174080]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys [2012-07-26 118784]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2012-07-26 50688]
R1 dtsoftbus01;@oem29.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2013-07-01 283200]
R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2012-07-26 26112]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys [2012-07-26 37616]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]
R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2012-07-26 49152]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]
R1 Null;Null; C:\Windows\system32\drivers\Null.sys [2012-07-26 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2012-07-26 134144]
R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys [2012-07-26 97792]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2013-04-09 805376]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]
R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2012-07-26 23040]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-08-20 10280960]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-08-20 368640]
R3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]
R3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-13 88728]
R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-08-20 3618304]
R3 AtiHDAudioService;@oem18.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2012-08-20 98472]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]
R3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-13 344216]
R3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-13 114840]
R3 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-13 33944]
R3 BTATH_HCRP;@oem13.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-13 178840]
R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-13 76952]
R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-13 135832]
R3 BTATH_VDP;@oem17.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\Windows\system32\drivers\btath_vdp.sys [2012-08-13 427416]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-13 567808]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys [2012-07-26 25600]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]
R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys [2012-07-26 33792]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368]
R3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2012-07-26 210672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys [2012-09-20 71168]
R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys [2013-05-04 27648]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys [2013-03-15 861184]
R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys [2012-07-26 112640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-20 4102928]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys [2012-11-06 89088]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys [2012-07-26 48368]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2012-07-26 21376]
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-08 179664]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-08 310224]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-08 519064]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver-service; C:\Windows\System32\drivers\monitor.sys [2013-03-01 30720]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys [2012-07-26 45808]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys [2013-03-02 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2012-10-11 74752]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552]
R3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088]
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2013-04-09 60416]
R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys [2012-07-26 22528]
R3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys [2012-07-26 179712]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-07-30 683664]
R3 SensorsSimulatorDriver;@oem35.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
R3 SFEP;@oem4.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\Windows\System32\drivers\SFEP.sys [2012-07-11 14336]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-21 43832]
R3 SOWS;@oem5.inf,%SOWS%;Sony Wireless State Device; C:\Windows\System32\drivers\sows.sys [2012-06-11 24280]
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys [2012-07-26 416768]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2013-04-09 623104]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys [2012-07-26 13680]
R3 SynTP;@oem22.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-08-21 447800]
R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys [2013-03-02 148712]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\Windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]
R3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys [2013-07-02 213336]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys [2012-07-26 48128]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys [2013-06-29 120832]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys [2013-07-01 79192]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Stuurprogramma voor Microsoft USB Standaard-hub; C:\Windows\System32\drivers\usbhub.sys [2013-07-01 623448]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys [2013-07-02 447320]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS [2013-07-02 337752]
R4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]
S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys [2012-07-26 106736]
S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys [2012-07-26 492272]
S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys [2012-07-26 340720]
S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys [2012-07-26 184048]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys [2012-07-26 63216]
S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys [2012-07-26 76016]
S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys [2012-07-26 258288]
S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys [2012-07-26 26352]
S0 arc;arc; C:\Windows\System32\drivers\arc.sys [2012-07-26 104688]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys [2012-07-26 108272]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 25840]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys [2012-09-20 533224]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys [2012-09-20 3265256]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]
S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys [2012-07-26 411888]
S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys [2012-07-26 45296]
S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys [2012-07-26 18672]
S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys [2012-07-26 22256]
S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]
S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]
S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]
S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]
S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys [2012-07-26 51952]
S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys [2012-07-26 353008]
S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys [2012-07-26 64240]
S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys [2012-07-26 52464]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys [2012-07-26 125168]
S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys [2012-07-26 150256]
S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys [2012-07-26 168176]
S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 14064]
S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 237808]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys [2012-07-26 107760]
S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]
S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [2012-07-26 81648]
S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys [2012-07-26 30960]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys [2013-03-02 77544]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]
S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys [2012-07-26 37992]
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys [2012-07-26 65776]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]
S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys [2012-07-26 19184]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys [2012-07-26 137832]
S0 vsmraid;vsmraid; C:\Windows\System32\drivers\vsmraid.sys [2012-07-26 164080]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\Windows\System32\drivers\vstxraid.sys [2012-07-26 322800]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys [2013-08-16 58200]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys [2012-07-26 226304]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys [2012-07-26 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys [2012-07-26 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys [2012-07-26 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys [2012-11-06 90624]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys [2012-11-06 88064]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2012-07-26 79360]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys [2012-07-26 65536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys [2012-07-26 45056]
S3 dg_ssudbus;@oem32.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys [2012-07-26 33280]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2012-10-11 5632]
S3 e1yexpress;@net1yx64.inf,%E1YExpress.Service.DispName%;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2012-06-02 283136]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys [2012-07-26 10240]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2012-07-26 194560]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys [2012-07-26 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2012-07-26 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys [2012-07-26 24576]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2012-07-26 57584]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys [2012-11-06 22528]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys [2013-07-09 120144]
S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2013-06-26 341504]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys [2012-07-26 27136]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys [2013-04-09 95744]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys [2012-11-20 39936]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys [2012-07-26 46080]
S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]
S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]
S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2012-07-26 145920]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys [2012-07-26 17920]
S3 iscFlash;iscFlash; \??\C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{39035736-5CDA-4D8E-B4CD-B41423B2C0A4}\iscflashx64.sys []
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys [2012-11-06 277736]
S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys [2012-07-26 29184]
S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2012-07-26 40448]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys [2012-07-26 141312]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2012-07-26 6912]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2012-07-26 390896]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2012-07-26 8192]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys [2012-07-26 14848]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-06-28 13546344]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys [2012-07-26 105984]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys [2012-11-06 87552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]
S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]
S3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-07-26 208384]
S3 RSPCIESTOR;@oem20.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2012-08-07 339600]
S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys [2012-07-26 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]
S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys [2013-06-29 195416]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys [2012-10-11 56552]
S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys [2012-07-26 62976]
S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys [2012-07-26 23040]
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys [2012-07-26 76800]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys [2012-07-26 27136]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys [2012-07-26 16896]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys [2012-07-26 59392]
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2013-08-01 2233688]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys [2012-07-26 36592]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2013-01-15 21200]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys [2012-07-26 97008]
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass-stuurprogramma; C:\Windows\System32\drivers\umpass.sys [2012-07-26 11776]
S3 USBAAPL64;@oem27.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys [2013-07-06 99328]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys [2012-11-20 27136]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys [2013-07-02 25600]
S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;Stuurprogramma voor USB-massaopslag; C:\Windows\System32\drivers\USBSTOR.SYS [2013-06-06 119040]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys [2013-06-29 32256]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]
S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys [2013-03-02 495336]
S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\Windows\System32\drivers\vpci.sys [2012-07-26 67824]
S3 VSPerfDrv110;Performance Tools Driver 11.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2012-07-13 70264]
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2013-06-26 321536]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-08-20 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-13 211584]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-08-07 2445968]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McSchedulerSvc;McAfee PC Task Scheduler Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-08 219272]
R2 mfeicfcoreocp;McAfee Content Filter; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2013-08-08 2776256]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-08 182752]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-08-06 156672]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-09-20 35840]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 769024]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-15 641352]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-09-20 35840]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
R3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2013-06-01 680960]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-08-01 1368624]
S2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S2 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2013-08-16 4917760]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 94208]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 10752]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 35840]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 669696]
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-08-03 43616]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 35840]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 144384]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 124416]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 35840]
S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2012-08-18 623784]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 14848]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616]
S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2013-05-16 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 40960]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000]
S3 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2013-05-04 1483776]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
-----------------EOF-----------------
-
Reageren lukt niet meer... de pagina blijft laden als ik een groot stuk tekst plak.
- - - Updated - - -
Logfile of random's system information tool 1.09 (written by random/random)
Run by Kenny at 2013-10-16 15:02:26
Microsoft Windows 8
System drive C: has 326 GB (48%) free of 677 GB
Total RAM: 6091 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:27, on 16/10/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Kenny.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: McAfee Parental Controls.lnk = C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Content Filter (mfeicfcoreocp) - McAfee, Inc. - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Unknown owner - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 13907 bytes
- - - Updated - - -
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-35c1aaba-ad33-489e-9b7e-dfbc7cbe8d37 -SystemEventPortName:HostProcess-c4626861-25dd-4136-a4f7-00852f45c7fe -IoCancelEventPortName:HostProcess-90a68f19-67e9-42e3-849f-f675d12cf9e3 -NonStateChangingEventPortName:HostProcess-bf635065-7057-40cc-80a0-1a25f610c110 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:81df414f-ecd8-4178-b6db-5fc00657d53c -DeviceGroupId:WudfDefaultDevicePool
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
dashost.exe {412a9321-4426-4bec-a8ca20dc827e044f}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe"
"C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
"C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe" /platui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "&" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 & Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Sony\VAIO Update\VUAgent.exe"
C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files\Windows Defender\MsMpEng.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -System
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -User
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
"C:\Windows\system32\wwahost.exe" -ServerName:SonyCorporation.VAIOMessageCenter.wwa
C:\Windows\System32\vds.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:267521 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:3806563 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7996 CREDAT:1316304 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1957883420-1083450386-1349748412-100130_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1957883420-1083450386-1349748412-100130 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Kenny\Desktop\RSITx64.exe"
- - - Updated - - -
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default
prefs.js - "browser.startup.homepage" - "http://www.google.be/"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
yahoo.xml
C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\extensions\
- - - Updated - - -
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-04 545264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-13 64640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-04 193520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-04 453104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{876d9f09-c6d6-4324-a2cc-04dd9a4de12f}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26 74888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-04 157680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-13 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-13 127616]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe -autorun []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2012-08-18 68776]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-07-27 724576]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 38112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896]
"mcpltui_exe"=C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [2013-08-17 644656]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-15 152392]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup []
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Parental Controls.lnk - C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1
- - - Updated - - -
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
- - - Updated - - -
Telkens als ik op 'snel reageren' klik, komt er een melding 'Bent u zeker dat u deze pagina wilt verlaten?'
- - - Updated - - -
Telkens als ik op 'snel reageren' klik, komt er een melding 'Bent u zeker dat u deze pagina wilt verlaten?'
-
En tenslotte het logbestandje van HitmanPro
HitmanPro 3.7.7.205 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : KENNY Windows . . . . . . . : 6.2.0.9200.X64/4 User name . . . . . . : KENNY\Kenny UAC . . . . . . . . . : Enabled License . . . . . . . : Trial (30 days left) Scan date . . . . . . : 2013-10-10 21:25:13 Scan mode . . . . . . : Normal Scan duration . . . . : 20m 18s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 290 Traces . . . . . . . : 759 Objects scanned . . . : 2 387 668 Files scanned . . . . : 91 536 Remnants scanned . . : 779 323 files / 1 516 809 keys Malware _____________________________________________________________________ C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G671ZG9B\UPnP[1].exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 109.0 C:\Users\Kenny\AppData\Local\Temp\fzwkf-48.dll -> Deleted Size . . . . . . . : 7 168 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:31:22) Entropy . . . . . : 4.4 SHA-256 . . . . . : 08814FC6A3E3EACA020DF7478FD7031D5C730321244760C829D863C061F70DD8 Description . . . : Version . . . . . : 0.0.0.0 Copyright . . . . : > G Data . . . . . . : Gen:Variant.Kazy.156409 > Ikarus . . . . . . : Win32.SuspectCrc!IK Fuzzy . . . . . . : 106.0 C:\Users\Kenny\AppData\Local\Temp\hi8ylix1.dll -> Deleted Size . . . . . . . : 7 168 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:31:22) Entropy . . . . . : 4.4 SHA-256 . . . . . : D18ED29A473EEB40D4453BAC2FDF0C2D7B735FB75F65175AB30D71CD4172548D Description . . . : Version . . . . . : 0.0.0.0 Copyright . . . . : > G Data . . . . . . : Gen:Variant.Kazy.156409 > Ikarus . . . . . . : Win32.SuspectCrc!IK Fuzzy . . . . . . : 106.0 C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp -> Quarantined Size . . . . . . . : 19 134 bytes Age . . . . . . . : 0.1 days (2013-10-10 19:31:56) Entropy . . . . . : 7.9 SHA-256 . . . . . : 5E814E032FF7890B4AF4BF2CBC14D297715C59DC77BAE69F9C65F584F76C2047 > Kaspersky . . . . : HEUR:Exploit.Java.CVE-2012-1723.gen Fuzzy . . . . . . : 102.0 Forensic Cluster -79.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -79.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -79.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1696-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1699-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1697-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1698-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1693-293x150[1].jpg -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Exclusive-293x150[1].png -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\DHM-Pack-210-293x150[1].png -79.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1462-293x150[1].jpg -78.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1690-293x150[1].jpg -78.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -78.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -77.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\box[1].htm -77.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -77.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -77.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\scroll[1].png -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\relay[2].swf -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\unsure[1].gif -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\wink[1].gif -76.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\smile[1].gif -76.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\trackingPixel[1].gif -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\likebox[1].htm -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bmw_4j_468x60b_nl[1].swf -76.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ddc[1].htm -76.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1076615_584660756_1376328851_q[1].jpg -76.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1082988_100002033288453_1211801668_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1118134_100002508052499_1514861849_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1117978_100000706820412_247958862_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\273736_100003301036925_592490609_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1119082_100004100688077_1189558660_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -76.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1117351_100001086747136_213797438_q[1].jpg -76.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1082989_1406569077_401231436_q[1].jpg -76.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1694-293x150[1].jpg -76.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUUEEY9P.txt -76.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\iframe3[1].htm -76.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\z_v3.7c_300x250[1].swf -75.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[2].htm -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[4].htm -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1117279_100003973435146_1786722666_q[1].jpg -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\161747_100000115314118_1423120803_q[1].jpg -75.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1118494_100006766599995_1693723620_q[1].jpg -75.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1115596_100000346344870_533842328_q[1].jpg -75.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[3].htm -75.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\371049_100001335441826_1273431978_q[1].jpg -75.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\ss_v3.7c_728x90[1].swf -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\bg_ms_300250[1].png -74.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\GN8QV23N.txt -74.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\r[2].gif -74.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -74.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -74.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZQ4TLMB.txt -74.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\thirdpartretargeting[3].gif -74.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YXV9I0KM.txt -74.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bga_728x90_ss_1[1].swf -74.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\72890_ss[1].jpg -74.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DMBDPP9.txt -74.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\r[1].gif -74.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\cta_1_ss[1].swf -74.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\JA222J06N-502@1.1[1].jpg -74.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\SE622J01B-513@1.1[1].jpg -72.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\SE622J00I-I00@1.1[1].jpg -69.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B2564122-31D1-11E3-BEE3-083E8EB6BC90}.dat -69.6s C:\Users\Kenny\AppData\Local\Temp\Low\REGB167.tmp -68.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\__utm[4].gif -68.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1699-280x280[1].jpg -68.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1698-180x110[1].jpg -68.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\1691-180x110[1].jpg -68.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\Mixmash-Radio-180x110[1].jpg -67.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\sharethis_counter2[1].png -67.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\5092658564345193620[1].gif -67.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8OUGN58.txt -67.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CDOATKZ.txt -67.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y9DYCT5C.txt -66.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\z_v3.7c_728x90[1].swf -66.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\234a6140b599047b8686e87b1b2a1552_f[1].png -66.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\5-8201_PO_Continental_300x250_FR[1].swf -66.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\72890_n[1].jpg -65.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV644YXX.txt -65.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -65.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -58.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\pap[1].swf -31.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\__utm[5].gif -30.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\NVB34DU4.txt -30.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\blogo[1].jpg -30.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\download3[1].jpg -27.8s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{CB42C4BE-31D1-11E3-BEE3-083E8EB6BC90}.dat -27.7s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -27.7s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -25.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1694-180x110[1].jpg -25.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1693-180x110[1].jpg -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -25.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CL3AYT1P.txt -25.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\d3af36d8391aea778a3c50358b01a57b_f[1].png -24.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[2].htm -24.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8L1Q8T5.txt -24.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0I97ITVN.txt -24.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\4PCAK1Y6.txt -24.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -20.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\css[1].css -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\logo[1].png -19.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\2013[1].zip -19.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\impression[1].gif -19.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\EEQ9F00H.txt -19.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\tusfiles%20728x90[1].gif -19.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\set-action-cookie[1].gif -18.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\SQM2PNXW.txt -17.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\emily[1].htm -17.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0YQ0G6LZ.txt -17.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -17.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -17.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\PVB8CWTF.txt -17.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\__utm[1].gif -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\set-16[1].png -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\post-native[1].png -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -17.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -17.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKBUSA0S.txt -17.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CH96EZX1.txt -17.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\UFYOO4TN.txt -17.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\FECH0EO8.txt -17.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOX5Q922.txt -15.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -15.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -15.7s C:\Users\Kenny\AppData\Local\Temp\Low\REG8417.tmp -15.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VQ68MXJN.txt -15.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4MGBEJ1.txt -14.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\style[1].css -14.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJKK8OLF.txt -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -14.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q58KCYG9.txt -14.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\ms-partner[1].png -14.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img[1].jpg -13.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE3DW1W1.txt -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img2[1].jpg -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img3[1].jpg -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ep[1].png -13.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img4[1].jpg -13.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -13.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\cnet[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -13.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\waves[1].jpg -13.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -13.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -13.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5F9Z7X4D.txt -12.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\373AA1E44F5B933F81294FE7DF9AE44E -12.7s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\373AA1E44F5B933F81294FE7DF9AE44E -11.0s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -10.9s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -10.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\dot_clear[1].gif -8.9s C:\Users\Kenny\AppData\Local\Temp\Low\REG9E58.tmp -8.0s C:\Users\Kenny\AppData\Local\Temp\REGA20D.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp 0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 1.4s C:\Windows\Prefetch\JP2LAUNCHER.EXE-8BC39A4D.pf 1.6s C:\Windows\Prefetch\JAVA.EXE-F26CFF01.pf 1.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 1.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 3.0s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 3.0s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 3.0s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 6.7s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\7613A2335EE754712DF5669B660851D0 9.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\922E2AB342E0D0C1180B322081FAAF27 11.8s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47.idx 11.9s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47 16.9s C:\Windows\Prefetch\REGSVR32.EXE-614DD671.pf 18.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{4BCD87B5-ED25-4569-810B-FE7C55E163ED} 26.8s C:\Windows\Prefetch\HBTAWQRVTGMHPNXTUCD.EXE-1597411A.pf 27.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1957883420-1083450386-1349748412-1001\7a723920be415a36e743df6c9728c362_6d3a7bb4-40b6-43a3-8088-81143c6d0db7 30.4s C:\Windows\Prefetch\SVCHOST.EXE-9332ECDC.pf 39.6s C:\Users\Kenny\AppData\Local\Temp\Low\zKEDYGOoOxl 40.4s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\bookmarkbackups\bookmarks-2013-10-10.json 40.7s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\localstore.rdf 43.3s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\Data\Tor\state C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp -> Quarantined Size . . . . . . . : 19 132 bytes Age . . . . . . . : 0.1 days (2013-10-10 19:31:57) Entropy . . . . . : 7.9 SHA-256 . . . . . : 57235D563B9B38C4745420FCAADFEDDD1FFBDB35A1E95D4137B89C53679E6257 > Kaspersky . . . . : HEUR:Exploit.Java.CVE-2012-1723.gen Fuzzy . . . . . . : 102.0 Forensic Cluster -80.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -80.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\__utm[5].gif -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1696-293x150[1].jpg -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1699-293x150[1].jpg -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1697-293x150[1].jpg -79.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\1698-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Diplo-–-Revolution-EP-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1693-293x150[1].jpg -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\Exclusive-293x150[1].png -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\DHM-Pack-210-293x150[1].png -79.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1462-293x150[1].jpg -79.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1690-293x150[1].jpg -79.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -79.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1691-293x150[1].jpg -78.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\box[1].htm -78.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -78.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B1AXYX3.txt -78.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\scroll[1].png -77.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\relay[2].swf -77.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\unsure[1].gif -77.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\wink[1].gif -77.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\smile[1].gif -77.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\trackingPixel[1].gif -77.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\likebox[1].htm -77.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bmw_4j_468x60b_nl[1].swf -77.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ddc[1].htm -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1076615_584660756_1376328851_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1082988_100002033288453_1211801668_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1118134_100002508052499_1514861849_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1117978_100000706820412_247958862_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\273736_100003301036925_592490609_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\1119082_100004100688077_1189558660_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -77.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\1118240_100004099417798_1230510486_q[1].jpg -77.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1117351_100001086747136_213797438_q[1].jpg -77.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1082989_1406569077_401231436_q[1].jpg -77.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1694-293x150[1].jpg -77.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUUEEY9P.txt -77.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\iframe3[1].htm -76.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\z_v3.7c_300x250[1].swf -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[2].htm -76.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\likebox[4].htm -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1117279_100003973435146_1786722666_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\161747_100000115314118_1423120803_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\1118494_100006766599995_1693723620_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1115596_100000346344870_533842328_q[1].jpg -76.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[3].htm -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\371049_100001335441826_1273431978_q[1].jpg -76.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\ss_v3.7c_728x90[1].swf -76.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\bg_ms_300250[1].png -75.5s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\GN8QV23N.txt -75.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\r[2].gif -75.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -75.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXJKF30B.txt -75.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZQ4TLMB.txt -75.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\thirdpartretargeting[3].gif -75.3s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\YXV9I0KM.txt -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\bga_728x90_ss_1[1].swf -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\72890_ss[1].jpg -75.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DMBDPP9.txt -75.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\r[1].gif -75.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\cta_1_ss[1].swf -74.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\JA222J06N-502@1.1[1].jpg -74.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\SE622J01B-513@1.1[1].jpg -73.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\SE622J00I-I00@1.1[1].jpg -70.5s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B2564122-31D1-11E3-BEE3-083E8EB6BC90}.dat -70.4s C:\Users\Kenny\AppData\Local\Temp\Low\REGB167.tmp -69.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\__utm[4].gif -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1699-280x280[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\1698-180x110[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\1691-180x110[1].jpg -69.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\Mixmash-Radio-180x110[1].jpg -68.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\sharethis_counter2[1].png -68.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\5092658564345193620[1].gif -68.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8OUGN58.txt -67.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CDOATKZ.txt -67.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y9DYCT5C.txt -67.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\z_v3.7c_728x90[1].swf -67.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\234a6140b599047b8686e87b1b2a1552_f[1].png -67.4s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4K5N9IJ0\5-8201_PO_Continental_300x250_FR[1].swf -67.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\72890_n[1].jpg -66.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV644YXX.txt -66.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -66.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\2NA21J02D-701@1.1[1].jpg -59.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\pap[1].swf -32.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\__utm[5].gif -31.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\NVB34DU4.txt -31.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\blogo[1].jpg -31.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\download3[1].jpg -28.7s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{CB42C4BE-31D1-11E3-BEE3-083E8EB6BC90}.dat -28.5s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -28.5s C:\Users\Kenny\AppData\Local\Temp\Low\REG5535.tmp -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G6TRH8D0\__utm[8].gif -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1697-280x280[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\1696-180x110[1].jpg -26.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\1694-180x110[1].jpg -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\1693-180x110[1].jpg -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\embed[1].htm -26.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CL3AYT1P.txt -25.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\d3af36d8391aea778a3c50358b01a57b_f[1].png -25.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BCFI1YLI\likebox[2].htm -25.6s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8L1Q8T5.txt -25.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0I97ITVN.txt -25.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\4PCAK1Y6.txt -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -24.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\3068018[1].swf -21.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MZ33TWS\css[1].css -20.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\logo[1].png -20.3s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EV0XIRNT\2013[1].zip -20.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AIJYPX92\impression[1].gif -19.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\EEQ9F00H.txt -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\tusfiles%20728x90[1].gif -19.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\set-action-cookie[1].gif -19.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\SQM2PNXW.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\emily[1].htm -18.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\0YQ0G6LZ.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\5969[1].gif -18.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\PVB8CWTF.txt -18.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\__utm[1].gif -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\set-16[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\post-native[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -18.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0F837RJ\ra1-icoset[1].png -18.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKBUSA0S.txt -18.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\CH96EZX1.txt -18.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\UFYOO4TN.txt -17.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\FECH0EO8.txt -17.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOX5Q922.txt -16.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -16.6s C:\Users\Kenny\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D278D7CF-31D1-11E3-BEE3-083E8EB6BC90}.dat -16.6s C:\Users\Kenny\AppData\Local\Temp\Low\REG8417.tmp -16.4s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\VQ68MXJN.txt -16.2s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4MGBEJ1.txt -15.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7724JA5Y\style[1].css -15.1s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJKK8OLF.txt -15.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -15.1s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\responsive[1].css -15.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -15.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LL851NQ7\award-badge[1].png -14.9s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q58KCYG9.txt -14.9s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N5HWHJOE\ms-partner[1].png -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img[1].jpg -14.8s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE3DW1W1.txt -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img2[1].jpg -14.8s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img3[1].jpg -14.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ep[1].png -14.7s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H0WSBXPT\ASP_img4[1].jpg -14.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -14.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\OYCY346U\inamprotector[1].xml -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\cnet[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.5s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LMV2K0W3\3k[1].png -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\waves[1].jpg -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -14.2s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1LXNFAB\smarticon[1].gif -14.0s C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\Low\5F9Z7X4D.txt -13.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\373AA1E44F5B933F81294FE7DF9AE44E -13.6s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\373AA1E44F5B933F81294FE7DF9AE44E -11.9s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -11.8s C:\Users\Kenny\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F15462BC5A6655F7F25415F98A0571C_07FE58E1AD4B940705C707893239FEF7 -11.6s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FQGOTLI\dot_clear[1].gif -9.8s C:\Users\Kenny\AppData\Local\Temp\Low\REG9E58.tmp -8.9s C:\Users\Kenny\AppData\Local\Temp\REGA20D.tmp -0.9s C:\Users\Kenny\AppData\Local\Temp\jar_cache6254978253509695947.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.0s C:\Users\Kenny\AppData\Local\Temp\jar_cache7102579126457241020.tmp 0.5s C:\Windows\Prefetch\JP2LAUNCHER.EXE-8BC39A4D.pf 0.7s C:\Windows\Prefetch\JAVA.EXE-F26CFF01.pf 1.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 1.0s C:\Users\Kenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GSDEJIK\21256312[1].gif 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 2.2s C:\Users\Kenny\Music\House\2013-10\Donna Summer - MacArthur Park (Laidback Luke Remix).mp3.qdf4c23.partial 5.8s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\7613A2335EE754712DF5669B660851D0 8.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\922E2AB342E0D0C1180B322081FAAF27 11.0s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47.idx 11.0s C:\Users\Kenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\389e7432-699b7c47 16.1s C:\Windows\Prefetch\REGSVR32.EXE-614DD671.pf 17.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{4BCD87B5-ED25-4569-810B-FE7C55E163ED} 25.9s C:\Windows\Prefetch\HBTAWQRVTGMHPNXTUCD.EXE-1597411A.pf 26.7s C:\Users\Kenny\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1957883420-1083450386-1349748412-1001\7a723920be415a36e743df6c9728c362_6d3a7bb4-40b6-43a3-8088-81143c6d0db7 29.6s C:\Windows\Prefetch\SVCHOST.EXE-9332ECDC.pf 38.8s C:\Users\Kenny\AppData\Local\Temp\Low\zKEDYGOoOxl 39.6s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\bookmarkbackups\bookmarks-2013-10-10.json 39.8s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\FirefoxPortable\Data\profile\localstore.rdf 42.4s C:\Users\Kenny\Desktop\Pirate Browser\PirateBrowser 0.6b\Data\Tor\state C:\Users\Kenny\AppData\Local\Temp\tmp.exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 112.0 C:\Users\Kenny\AppData\Local\Temp\tmp5C91.tmp.exe -> Deleted Size . . . . . . . : 75 264 bytes Age . . . . . . . : 201.4 days (2013-03-23 12:53:09) Entropy . . . . . : 7.7 SHA-256 . . . . . : 23B62F46B7A4846FC16AD44D882D3724265AB100673FE67AA0000015F177AE69 Product . . . . . : WorkerFlower Description . . . : WorkerFlower Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © 2013 Source URL . . . . : hxxp://dl.dropbox.com/u/113991488/UPnP.exe > G Data . . . . . . : Trojan.Generic.KDZ.11447 > Ikarus . . . . . . : Trojan.SuspectCRC!IK > Kaspersky . . . . : HEUR:Trojan.Win32.Generic Fuzzy . . . . . . : 117.0 C:\Users\Kenny\Downloads\Mixed In Key v2.5 (Full)\Mixed-In-Key v2.5.exe -> Deleted Size . . . . . . . : 1 851 034 bytes Age . . . . . . . : 102.2 days (2013-06-30 17:31:14) Entropy . . . . . : 8.0 SHA-256 . . . . . : D3E063EB2DA91A6A0A274334B608FA035A3FE833D508009C81310C28FB7AEDBE Product . . . . . : Mixed In Key Publisher . . . . : Mixed In Key LLC > G Data . . . . . . : MemScan:Trojan.Generic.2203227 > Ikarus . . . . . . : Trojan.Win32.Comame!IK > Kaspersky . . . . : Trojan.Win32.Chifrax.d Fuzzy . . . . . . : 111.0 C:\Users\Kenny\Downloads\Wondershare QuizCreator 4.2.1.1 Software\Keygen\keygen.exe -> Quarantined Size . . . . . . . : 59 392 bytes Age . . . . . . . : 172.5 days (2013-04-21 10:34:37) Entropy . . . . . : 7.9 SHA-256 . . . . . : 81231F6696A2AAB86B079628197AEEDC00C155DF563D7F41760B6917C5889429 > Ikarus . . . . . . : possible-Threat.Keygen.Core!IK Fuzzy . . . . . . : 118.0 C:\Users\Kenny\Downloads\Xilisoft.Video.Converter.Ultimate.v7.7.2.20130217.Incl.Keygen-BRD\Keygen\Keygen.exe -> Quarantined Size . . . . . . . : 78 848 bytes Age . . . . . . . : 47.2 days (2013-08-24 16:47:26) Entropy . . . . . : 7.8 SHA-256 . . . . . : 78058079D249AD132C0FF56BEDBFB2616B3D0315839916054E52446AC472AB5C > Ikarus . . . . . . : Backdoor.Win32.Hupigon!IK Fuzzy . . . . . . : 114.0 Suspicious files ____________________________________________________________ C:\Users\Kenny\Desktop\Ine\vb5\TOOLS\MSIE\MSIE301.EXE Size . . . . . . . : 5 585 256 bytes Age . . . . . . . : 55.5 days (2013-08-16 10:02:49) Entropy . . . . . : 8.0 SHA-256 . . . . . : 3E19AFC892335BBB4D4784A2D07793C3D9E374D18131D6CB6D853ECB889F311D Product . . . . . : Microsoft Internet Explorer 3.0 Publisher . . . . : Microsoft Corporation Description . . . : Microsoft Internet Explorer 3.0 Version . . . . . : 4.70.0.1215 Copyright . . . . : Copyright © Microsoft Corp. 1995-1996 RSA Key Size . . . : 1024 Authenticode . . . : Invalid Fuzzy . . . . . . : 23.0 Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Potential Unwanted Programs _________________________________________________ C:\Program Files (x86)\Ask.com\ (AskBar) C:\Program Files (x86)\Ask.com\cobrand.ico (AskBar) C:\Program Files (x86)\Ask.com\config.xml (AskBar) C:\Program Files (x86)\Ask.com\favicon.ico (AskBar) C:\Program Files (x86)\Ask.com\mupcfg.xml (AskBar) C:\Users\Kenny\Local Settings\Temp\AskSearch\ (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1043.MST (AskBar) C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe (AskBar) Size . . . . . . . : 102 400 bytes Age . . . . . . . : 39.2 days (2013-09-01 16:02:02) Entropy . . . . . : 6.1 SHA-256 . . . . . : EA345C1A9C45D94F6D1A71FBBBEEF52F68054DEA36B93B1285B0207261DEF846 Product . . . . . : InstallShield Publisher . . . . : Acresso Software Inc. Description . . . : InstallShield Version . . . . . : 15.0.498 Copyright . . . . : Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved. Fuzzy . . . . . . : 0.0 HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar) HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar) HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\AppDataLow\AskToolbarInfo\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Ask.com\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\AskTB5.6 (AskBar) HKU\S-1-5-21-1957883420-1083450386-1349748412-1001\Software\Softonic\ (Softonic) Cookies _____________________________________________________________________ C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\IHVD8U7W.txt C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\PXTEMPEB.txt C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Cookies\YE2JCXEC.txt C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\cookies.sqlite:atdmt.com C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\vq5ut246.default\cookies.sqlite:serving-sys.com -
Hier volgt het logje van Malwarebytes...
Malwarebytes Anti-Malware 1.75.0.1300
Databaseversie: v2013.10.10.06
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Kenny :: KENNY [administrator]
10/10/2013 21:03:57
mbam-log-2013-10-10 (21-03-57).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 228619
Verstreken tijd: 13 minuut/minuten, 45 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Adober.exe (Backdoor.Agent.TMPGen) -> Data: "C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe" -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Slecht: ("regedit.exe" "%1") Goed: (regedit.exe "%1") -> Succesvol in quarantaine geplaatst en gerepareerd.
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 17
C:\Users\Kenny\AppData\Local\Temp\9JEIww0E.exe.part (PUP.Optional.Topmedia) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\arzHg8pM.exe.part (PUP.BundleInstaller.DW) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\Ax+apxD6.exe.part (PUP.Optional.Topmedia) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\hsXBk_Le.exe.part (PUP.Optional.Installrex) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\k5_tzJUB.exe.part (PUP.Optional.Solimba) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\LyricsPal_1060-8101_v116.exe (PUP.Optional.LyricsAd) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\nsd8F3F.tmp (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\nswBDF0.tmp (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\rwxaeosnmc.exe (Trojan.Dropper.MS) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\SofHGz_D.exe.part (PUP.BundleInstaller.DW) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\z8wCCqIc.exe.part (PUP.Optional.Installex) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\Downloads\AKVIS Coloriage v. 7.5 By Adrian Dennis.rar (Trojan.Bumat) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\Local Settings\Temporary Internet Files\Content.IE5\DQA6GF03\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\AppLaunch\Service.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\AppLaunch\msnmsgr.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe (Backdoor.Agent.TMPGen) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
Ik heb ondertussen toch een systeemherstel kunnen uitvoeren waarbij het virus verdwenen is. Vervolgens heb ik malwarebytes en hitmanpro geïnstalleerd. Deze zijn momenteel aan het scannen. Dan heb ik ook maar een HJT-logje gemaakt. Kan iemand dit even nakijken?
Het logje van Malwarebytes zal ik dadelijk posten.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:07:53, on 10/10/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
FIREFOX: 23.0.1 (nl)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\mdm.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Kenny\Downloads\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Adober.exe] "C:\Users\Kenny\AppData\Local\Temp\tmp5C92.tmp.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\Portable\DAEMON Tools Pro Advanced v5.2.0.0348\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: McAfee Parental Controls.lnk = C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Content Filter (mfeicfcoreocp) - McAfee, Inc. - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Unknown owner - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 14521 bytes
-
Beste
Na het opstarten van mijn laptop krijg ik het venster van het politievirus. Omdat ik over Windows 8 beschik kan ik nu ook niet meer in veilige modus opstarten. Kan iemand mij helpen om dit te verwijderen?
bedankt.
-
Heel erg bedankt!
-
ComboFix 13-06-22.01 - mediamarkt 23/06/2013 10:18:11.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1514 [GMT 2:00]
Gestart vanuit: c:\users\mediamarkt\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\mediamarkt\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-05-23 to 2013-06-23 ))))))))))))))))))))))))))))))
.
.
2013-06-23 08:43 . 2013-06-23 08:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-22 13:34 . 2013-06-22 13:34 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-06-22 13:31 . 2013-06-22 13:31 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2013-06-22 13:29 . 2013-06-22 13:29 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-06-22 11:06 . 2013-06-22 11:06 338 ----a-w- c:\windows\DeleteOnReboot.bat
2013-06-22 09:03 . 2013-05-28 13:05 163328 ------w- c:\windows\system32\FlashPlayerUpdateService.exe
2013-06-18 18:32 . 2013-06-18 18:32 -------- d-----w- c:\program files\CCleaner
2013-06-12 20:17 . 2013-06-12 20:17 -------- d-----w- c:\programdata\WindowsSearch
2013-06-12 15:27 . 2013-06-23 08:04 -------- d-----r- c:\users\mediamarkt\Dropbox
2013-06-12 15:25 . 2013-06-12 15:25 -------- d-----w- c:\program files\Dropbox
2013-06-12 15:22 . 2013-06-23 08:04 -------- d-----w- c:\users\mediamarkt\AppData\Roaming\Dropbox
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-07 18:25 . 2013-05-07 18:25 723230 ----a-w- c:\windows\unins000.exe
2013-04-21 19:57 . 2013-04-21 19:57 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-21 19:57 . 2013-04-21 19:57 691592 ------w- c:\windows\system32\FlashPlayerApp.exe
2013-04-11 01:18 . 2013-04-11 01:18 302368 ------w- c:\windows\system32\drivers\avgtdix.sys
2007-03-12 17:59 . 2007-03-12 17:59 299008 ----a-w- c:\program files\navigram_register.exe
2013-05-21 20:01 . 2011-08-27 14:04 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-10 10:42 . 2011-09-25 20:27 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-01-12 39408]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-05 270336]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Facebook Update"="c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-07 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-16 6266880]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-19 1348904]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-10 30192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2007-01-12 24576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-02-05 2056192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Skytel"="Skytel.exe" [2008-09-16 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-05 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-05 92704]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2012-06-27 86016]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\mediamarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Facebook Messenger.lnk - c:\users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-10-14 776744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 17:32 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2010-06-21 35712]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-18 18:29 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-06-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000Core.job
- c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40]
.
2013-06-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000UA.job
- c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40]
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24]
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=hp&installDate=07/05/2013
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: plantyn.com\interactief
TCP: DhcpNameServer = 195.130.130.3 195.130.131.3
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
FF - ProfilePath - c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\
FF - ExtSQL: 2013-05-07 20:25; lrcsTube@hansanddeta.com; c:\program files\LyricsTube\FF
FF - ExtSQL: 2013-05-08 15:33; {a1cf6028-cc2f-4808-a0b4-e18f341316bc}; c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{a1cf6028-cc2f-4808-a0b4-e18f341316bc}
FF - ExtSQL: !HIDDEN! 2009-09-02 19:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2013-06-23 10:43
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000007b
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(1712)
c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\btmmhook.dll
.
Voltooingstijd: 2013-06-23 10:47:24
ComboFix-quarantined-files.txt 2013-06-23 08:47
ComboFix2.txt 2013-06-22 15:41
.
Pre-Run: 186.395.828.224 bytes beschikbaar
Post-Run: 185.087.369.216 bytes beschikbaar
.
- - End Of File - - C6FE6F093CB00F197883532DBFACCFFC
5C616939100B85E558DA92B899A0FC36
Dat is ook weer gebeurd.
-
ComboFix 13-06-22.01 - mediamarkt 22/06/2013 17:25:59.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1798 [GMT 2:00]
Gestart vanuit: c:\users\mediamarkt\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\mediamarkt\AppData\Roaming\.#
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1024@1C52908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1024@1C52938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1024@1C52968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1080@6F2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1080@6F2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1080@6F2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1160@1E12908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1160@1E12938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1160@1E12968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@118C@3E2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@118C@3E2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@118C@3E2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@11CC@1762908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@11CC@1762938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@11CC@1762968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@11E4@1CA2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@11E4@1CA2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@11E4@1CA2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1210@1E32908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1210@1E32938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1210@1E32968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@122C@AD2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@122C@AD2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@122C@AD2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1234@1DA2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1234@1DA2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1234@1DA2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@123C@392908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@123C@392938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@123C@392968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1298@242908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1298@242938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1298@242968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@12AC@1D22908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@12AC@1D22938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@12AC@1D22968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@12D0@1722908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@12D0@1722938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@12D0@1722968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1374@1D12908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1374@1D12938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1374@1D12968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@172908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@172938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@172968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@1C92908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@1C92938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13CC@1C92968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13E8@1DD2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13E8@1DD2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13E8@1DD2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13F4@1CD2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13F4@1CD2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@13F4@1CD2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@14F8@3C2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@14F8@3C2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@14F8@3C2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1668@3B2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1668@3B2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@1668@3B2968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@5E0@1872908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@5E0@1872938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@5E0@1872968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@9CC@1762908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@9CC@1762938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@9CC@1762968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@B28@A92908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@B28@A92938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@B28@A92968.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@DF8@1AB2908.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@DF8@1AB2938.###
c:\users\mediamarkt\AppData\Roaming\.#\MBX@DF8@1AB2968.###
c:\users\mediamarkt\AppData\Roaming\Adobe\plugs
c:\users\mediamarkt\AppData\Roaming\Adobe\plugs\mmc104.exe
c:\users\mediamarkt\AppData\Roaming\Adobe\plugs\mmc2796442.txt
c:\users\mediamarkt\AppData\Roaming\Adobe\plugs\mmc37.exe
c:\users\mediamarkt\AppData\Roaming\Adobe\shed
c:\users\mediamarkt\AppData\Roaming\Adobe\shed\thr1.chm
c:\windows\iun6002.exe
c:\windows\security\Database\tmp.edb
c:\windows\system32\DEBUG.log
c:\windows\wininit.ini
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-05-22 to 2013-06-22 ))))))))))))))))))))))))))))))
.
.
2013-06-22 15:38 . 2013-06-22 15:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-22 13:34 . 2013-06-22 13:34 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2013-06-22 13:33 . 2013-06-22 13:33 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-06-22 13:31 . 2013-06-22 13:31 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2013-06-22 13:29 . 2013-06-22 13:29 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-06-22 11:06 . 2013-06-22 11:06 338 ----a-w- c:\windows\DeleteOnReboot.bat
2013-06-22 09:03 . 2013-05-28 13:05 163328 ------w- c:\windows\system32\FlashPlayerUpdateService.exe
2013-06-18 18:32 . 2013-06-18 18:32 -------- d-----w- c:\program files\CCleaner
2013-06-12 20:17 . 2013-06-12 20:17 -------- d-----w- c:\programdata\WindowsSearch
2013-06-12 15:27 . 2013-06-22 14:28 -------- d-----r- c:\users\mediamarkt\Dropbox
2013-06-12 15:25 . 2013-06-12 15:25 -------- d-----w- c:\program files\Dropbox
2013-06-12 15:22 . 2013-06-22 14:28 -------- d-----w- c:\users\mediamarkt\AppData\Roaming\Dropbox
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-07 18:25 . 2013-05-07 18:25 723230 ----a-w- c:\windows\unins000.exe
2013-04-21 19:57 . 2013-04-21 19:57 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-21 19:57 . 2013-04-21 19:57 691592 ------w- c:\windows\system32\FlashPlayerApp.exe
2013-04-11 01:18 . 2013-04-11 01:18 302368 ------w- c:\windows\system32\drivers\avgtdix.sys
2007-03-12 17:59 . 2007-03-12 17:59 299008 ----a-w- c:\program files\navigram_register.exe
2013-05-21 20:01 . 2011-08-27 14:04 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-10 10:42 . 2011-09-25 20:27 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-01-12 39408]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-05 270336]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-09-26 17353352]
"Facebook Update"="c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-07 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-16 6266880]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-19 1348904]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-10 30192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2007-01-12 24576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-02-05 2056192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Skytel"="Skytel.exe" [2008-09-16 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-05 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-05 92704]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2012-06-27 86016]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\mediamarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Facebook Messenger.lnk - c:\users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-10-14 776744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 17:32 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2010-06-21 35712]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-18 18:29 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-06-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000Core.job
- c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40]
.
2013-06-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3560193050-1199720700-1633096986-1000UA.job
- c:\users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 15:40]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 15:24]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=hp&installDate=07/05/2013
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Toevoegen aan bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: plantyn.com\interactief
TCP: DhcpNameServer = 195.130.130.3 195.130.131.3
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
FF - ProfilePath - c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\
FF - ExtSQL: 2013-05-07 20:25; lrcsTube@hansanddeta.com; c:\program files\LyricsTube\FF
FF - ExtSQL: 2013-05-08 15:33; {a1cf6028-cc2f-4808-a0b4-e18f341316bc}; c:\users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{a1cf6028-cc2f-4808-a0b4-e18f341316bc}
FF - ExtSQL: !HIDDEN! 2009-09-02 19:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2013-06-22 17:38
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000007b
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2013-06-22 17:41:22
ComboFix-quarantined-files.txt 2013-06-22 15:41
.
Pre-Run: 185.489.076.224 bytes beschikbaar
Post-Run: 186.649.395.200 bytes beschikbaar
.
- - End Of File - - BC92DC1CCE15E79BD234511F5BB50A9B
5C616939100B85E558DA92B899A0FC36
Webbrowser opent nu wel vlot!
-
Dat is ook weer opgekuist... De reactietijd bij het openen van een webbrowser is nogal traag naar mijn mening, voor de rest lijkt alles vlotjes te draaien. Bedankt al!
-
# AdwCleaner v2.303 - Verslag gemaakt op 22/06/2013 om 13:05:28
# Geactualiseerd op 08/06/2013 door Xplode
# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)
# Gebruiker : mediamarkt - PC_VAN_MEDIAMAR
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\mediamarkt\Desktop\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
File Verwijderd : C:\user.js
File Verwijderd : C:\Users\MEDIAM~1\AppData\Local\Temp\Uninstall.exe
File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\BabMaint.exe
File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\bProtector_extensions.rdf
File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\plugin@yontoo.com.xpi
File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\searchplugins\Babylon.xml
File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\searchplugins\BrowserProtect.xml
File Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\searchplugins\Web Search.xml
File Verwijderd : C:\Users\mediamarkt\Documents\eBay.lnk
File Verwijderd : C:\Windows\system32\conduitEngine.tmp
Map Verwijderd : C:\Program Files\Common Files\AVG Secure Search
Map Verwijderd : C:\Program Files\Conduit
Map Verwijderd : C:\Program Files\ConduitEngine
Map Verwijderd : C:\Program Files\DealPly
Map Verwijderd : C:\Program Files\Freecorder
Map Verwijderd : C:\Program Files\Freecorder extension
Map Verwijderd : C:\Program Files\Funmoods
Map Verwijderd : C:\Program Files\Ilivid
Map Verwijderd : C:\Program Files\Searchqu Toolbar
Map Verwijderd : C:\Program Files\Yontoo
Map Verwijderd : C:\ProgramData\AVG Security Toolbar
Map Verwijderd : C:\ProgramData\Babylon
Map Verwijderd : C:\ProgramData\boost_interprocess
Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Map Verwijderd : C:\ProgramData\Tarma Installer
Map Verwijderd : C:\Users\MEDIAM~1\AppData\Local\Temp\Smartbar
Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Conduit
Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki
Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Map Verwijderd : C:\Users\mediamarkt\AppData\Local\Smartbar
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\BabylonToolbar
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Conduit
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\ConduitEngine
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Delta
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Freecorder
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Funmoods
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\PriceGong
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\searchquband
Map Verwijderd : C:\Users\mediamarkt\AppData\LocalLow\Searchqutoolbar
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\BabSolution
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Babylon
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\DealPly
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\dvdvideosoftiehelpers
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\file scout
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Funmoods
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freecorder
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\ffxtlbr@babylon.com
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\ffxtlbr@funmoods.com
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\plugin@yontoo.com
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\staged
Map Verwijderd : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\Searchqutoolbar
Map Verwijderd : C:\Windows\Freecorder
Verwijderd bij het opstarten : C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Verwijderd bij het opstarten : C:\ProgramData\BrowserProtect
Verwijderd bij het opstarten : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
***** [Register] *****
Sleutel Verwijderd : HKCU\Software\a53de8ae03ae541
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\conduitEngine
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Freecorder
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\searchqutoolbar
Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar
Sleutel Verwijderd : HKCU\Software\Ask&Record
Sleutel Verwijderd : HKCU\Software\BabylonChromeExtension
Sleutel Verwijderd : HKCU\Software\BrowserMngr
Sleutel Verwijderd : HKCU\Software\Conduit
Sleutel Verwijderd : HKCU\Software\DataMngr
Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar
Sleutel Verwijderd : HKCU\Software\DealPly
Sleutel Verwijderd : HKCU\Software\delta LTD
Sleutel Verwijderd : HKCU\Software\Freecorder
Sleutel Verwijderd : HKCU\Software\Funmoods
Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Sleutel Verwijderd : HKCU\Software\InstallCore
Sleutel Verwijderd : HKCU\Software\Microsoft\Babylon
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder extension
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder Toolbar
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu Toolbar
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73908CE2-9FA3-4744-BD90-A4EBE8187D59}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Sleutel Verwijderd : HKCU\Software\SmartBar
Sleutel Verwijderd : HKCU\Software\SmartbarBackup
Sleutel Verwijderd : HKCU\Software\SmartbarLog
Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
Sleutel Verwijderd : HKLM\SOFTWARE\a53de8ae03ae541
Sleutel Verwijderd : HKLM\Software\Babylon
Sleutel Verwijderd : HKLM\Software\BrowserMngr
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42ae-A51E-B5750F160BFB}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{73908CE2-9FA3-4744-BD90-A4EBE8187D59}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47bb-86A6-23F4F4F67342}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\f
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Sleutel Verwijderd : HKLM\Software\Conduit
Sleutel Verwijderd : HKLM\Software\conduitEngine
Sleutel Verwijderd : HKLM\Software\DataMngr
Sleutel Verwijderd : HKLM\Software\DealPly
Sleutel Verwijderd : HKLM\Software\Freecorder
Sleutel Verwijderd : HKLM\Software\Funmoods
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{168BC93F-06BA-4D83-B975-59214CA2CF03}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC389546-5B8A-40A4-BE2A-DBEA6EC8C369}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBB8B7EF-42A9-4816-BB8E-DB48F4D6D7D0}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{73908CE2-9FA3-4744-BD90-A4EBE8187D59}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Sleutel Verwijderd : HKLM\Software\SearchquMediabarTb
Sleutel Verwijderd : HKLM\Software\Tarma Installer
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Main [browserMngr Start Page]
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}]
Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
***** [browsers] *****
-\\ Internet Explorer v8.0.6001.19088
Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www2.delta-search.com/?affID=119520&tt=gc_&babsrc=NT_ss&mntrId=AE0C0022FB03225C --> hxxp://www.google.com
-\\ Mozilla Firefox v6.0 (nl)
File : C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\prefs.js
C:\Users\mediamarkt\AppData\Roaming\Mozilla\Firefox\Profiles\x2l92bi4.default\user.js ... Verwijderd !
Verwijderd : user_pref("extensions.BabylonToolbar.admin", false);
Verwijderd : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Verwijderd : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Verwijderd : user_pref("extensions.BabylonToolbar.babExt", "");
Verwijderd : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=120812_bandext_3312_5");
Verwijderd : user_pref("extensions.BabylonToolbar.babext", "babExt");
Verwijderd : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Verwijderd : user_pref("extensions.BabylonToolbar.bbdpng", 0);
Verwijderd : user_pref("extensions.BabylonToolbar.cntry", "BE");
Verwijderd : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Verwijderd : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Verwijderd : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Verwijderd : user_pref("extensions.BabylonToolbar.excTlbr", false);
Verwijderd : user_pref("extensions.BabylonToolbar.hdrMd5", "A2D4B3011FA4648303ED7D7D902CA956");
Verwijderd : user_pref("extensions.BabylonToolbar.hmpg", true);
Verwijderd : user_pref("extensions.BabylonToolbar.hrdid", "ae0cd6900000000000000022fb03225c");
Verwijderd : user_pref("extensions.BabylonToolbar.id", "ae0cd6900000000000000022fb03225c");
Verwijderd : user_pref("extensions.BabylonToolbar.instlday", "15566");
Verwijderd : user_pref("extensions.BabylonToolbar.instlref", "sst");
Verwijderd : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Verwijderd : user_pref("extensions.BabylonToolbar.keywordurl", "");
Verwijderd : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.4.613:55:06");
Verwijderd : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.0");
Verwijderd : user_pref("extensions.BabylonToolbar.newTab", false);
Verwijderd : user_pref("extensions.BabylonToolbar.newtab", "false");
Verwijderd : user_pref("extensions.BabylonToolbar.newtaburl", "");
Verwijderd : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Verwijderd : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Verwijderd : user_pref("extensions.BabylonToolbar.sg", "tzb");
Verwijderd : user_pref("extensions.BabylonToolbar.smplGrp", "tzb");
Verwijderd : user_pref("extensions.BabylonToolbar.smplgrp", "tzb");
Verwijderd : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Verwijderd : user_pref("extensions.BabylonToolbar.srcext", "ss");
Verwijderd : user_pref("extensions.BabylonToolbar.srch", "");
Verwijderd : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Verwijderd : user_pref("extensions.BabylonToolbar.tlbrid", "tb9");
Verwijderd : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Verwijderd : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
Verwijderd : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.4.613:55:06");
Verwijderd : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
Verwijderd : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.4.613:55:06");
Verwijderd : user_pref("extensions.BabylonToolbar_i.babExt", "");
Verwijderd : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=120812_bandext_3312_5");
Verwijderd : user_pref("extensions.BabylonToolbar_i.newTab", false);
Verwijderd : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Verwijderd : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Verwijderd : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.613:55:06");
Verwijderd : user_pref("extensions.delta.admin", false);
Verwijderd : user_pref("extensions.delta.aflt", "babsst");
Verwijderd : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Verwijderd : user_pref("extensions.delta.autoRvrt", "false");
Verwijderd : user_pref("extensions.delta.babTrack", "affID=110819&tt=120812_bandext_3312_5");
Verwijderd : user_pref("extensions.delta.bbDpng", "22");
Verwijderd : user_pref("extensions.delta.cntry", "BE");
Verwijderd : user_pref("extensions.delta.dfltLng", "en");
Verwijderd : user_pref("extensions.delta.dfltSrch", false);
Verwijderd : user_pref("extensions.delta.excTlbr", false);
Verwijderd : user_pref("extensions.delta.ffxUnstlRst", true);
Verwijderd : user_pref("extensions.delta.hdrMd5", "86CECF391770A2166772CA7ED5BA47A8");
Verwijderd : user_pref("extensions.delta.hmpg", false);
Verwijderd : user_pref("extensions.delta.id", "ae0cd6900000000000000022fb03225c");
Verwijderd : user_pref("extensions.delta.instlDay", "15832");
Verwijderd : user_pref("extensions.delta.instlRef", "sst");
Verwijderd : user_pref("extensions.delta.lastVrsnTs", "");
Verwijderd : user_pref("extensions.delta.newTab", false);
Verwijderd : user_pref("extensions.delta.noFFXTlbr", false);
Verwijderd : user_pref("extensions.delta.prdct", "delta");
Verwijderd : user_pref("extensions.delta.prtnrId", "delta");
Verwijderd : user_pref("extensions.delta.rvrt", "false");
Verwijderd : user_pref("extensions.delta.sg", "czb");
Verwijderd : user_pref("extensions.delta.smplGrp", "none");
Verwijderd : user_pref("extensions.delta.tlbrId", "base");
Verwijderd : user_pref("extensions.delta.tlbrSrchUrl", "");
Verwijderd : user_pref("extensions.delta.vrsn", "1.8.16.16");
Verwijderd : user_pref("extensions.delta.vrsnTs", "1.8.16.1620:26:42");
Verwijderd : user_pref("extensions.delta.vrsni", "1.8.16.16");
Verwijderd : user_pref("extensions.enabledAddons", "addon@freecorder.com:7.0.0.13,ffxtlbr@funmoods.com:1.5.0,plug[...]
Verwijderd : user_pref("extensions.funmoods.aflt", "orgnl");
Verwijderd : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Verwijderd : user_pref("extensions.funmoods.cntry", "BE");
Verwijderd : user_pref("extensions.funmoods.cv", "cv5");
Verwijderd : user_pref("extensions.funmoods.dfltlng", "en");
Verwijderd : user_pref("extensions.funmoods.dfltsrch", "false");
Verwijderd : user_pref("extensions.funmoods.hdrMd5", "");
Verwijderd : user_pref("extensions.funmoods.hmpg", true);
Verwijderd : user_pref("extensions.funmoods.hrdid", "0");
Verwijderd : user_pref("extensions.funmoods.id", "");
Verwijderd : user_pref("extensions.funmoods.instlday", "");
Verwijderd : user_pref("extensions.funmoods.instlref", "");
Verwijderd : user_pref("extensions.funmoods.isDcmntCmplt", false);
Verwijderd : user_pref("extensions.funmoods.keywordurl", "");
Verwijderd : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.117:04:41");
Verwijderd : user_pref("extensions.funmoods.newTab", true);
Verwijderd : user_pref("extensions.funmoods.newtab", true);
Verwijderd : user_pref("extensions.funmoods.newtaburl", "");
Verwijderd : user_pref("extensions.funmoods.prdct", "");
Verwijderd : user_pref("extensions.funmoods.prtnrid", "");
Verwijderd : user_pref("extensions.funmoods.sg", "none");
Verwijderd : user_pref("extensions.funmoods.smplGrp", "none");
Verwijderd : user_pref("extensions.funmoods.smplgrp", "none");
Verwijderd : user_pref("extensions.funmoods.srch", "");
Verwijderd : user_pref("extensions.funmoods.srchprvdr", "");
Verwijderd : user_pref("extensions.funmoods.tlbrid", "base");
Verwijderd : user_pref("extensions.funmoods.tlbrsrchurl", "");
Verwijderd : user_pref("extensions.funmoods.vrsn", "");
Verwijderd : user_pref("extensions.funmoods.vrsnTs", "1.5.11.117:04:41");
Verwijderd : user_pref("extensions.funmoods.vrsnts", "1.5.11.117:04:41");
Verwijderd : user_pref("extensions.funmoods_i.aflt", "ironto");
Verwijderd : user_pref("extensions.funmoods_i.dfltLng", "");
Verwijderd : user_pref("extensions.funmoods_i.dfltSrch", true);
Verwijderd : user_pref("extensions.funmoods_i.dnsErr", true);
Verwijderd : user_pref("extensions.funmoods_i.excTlbr", false);
Verwijderd : user_pref("extensions.funmoods_i.hmpg", true);
Verwijderd : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ironto");
Verwijderd : user_pref("extensions.funmoods_i.id", "ae0cd6900000000000000022fb03225c");
Verwijderd : user_pref("extensions.funmoods_i.instlDay", "15354");
Verwijderd : user_pref("extensions.funmoods_i.instlRef", "");
Verwijderd : user_pref("extensions.funmoods_i.newTab", true);
Verwijderd : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ironto");
Verwijderd : user_pref("extensions.funmoods_i.prdct", "funmoods");
Verwijderd : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Verwijderd : user_pref("extensions.funmoods_i.smplGrp", "none");
Verwijderd : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Verwijderd : user_pref("extensions.funmoods_i.tlbrId", "base");
Verwijderd : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ironto&q[...]
Verwijderd : user_pref("extensions.funmoods_i.vrsn", "1.5.11.1");
Verwijderd : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.117:04:41");
Verwijderd : user_pref("extensions.funmoods_i.vrsni", "1.5.11.1");
Verwijderd : user_pref("extensions.helperbar.SmartbarDisabled", false);
Verwijderd : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Verwijderd : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Verwijderd : user_pref("extentions.y2layers.installId", "cf67d401-b963-43f9-91c7-4418b0ae44aa");
-\\ Google Chrome v27.0.1453.116
File : C:\Users\mediamarkt\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[s1].txt - [41001 octets] - [22/06/2013 13:05:28]
########## EOF - C:\AdwCleaner[s1].txt - [41062 octets] ##########
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:14:34, on 22/06/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
FIREFOX: 6.0 (nl)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\sony\Network Utility\LANUtil.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Users\mediamarkt\Downloads\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1120/Navigram.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 15921 bytes
Dit zijn de logjes... er is vooruitgang merkbaar
-
Ik zou graag een laptop opschonen. Ik denk dat er heel wat malware verscholen zit. Wie kan mij hier mee helpen? Hier is alvast een HJT-logje. Bedankt!
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:31:43, on 22/06/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
FIREFOX: 6.0 (nl)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\sony\Network Utility\LANUtil.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\mediamarkt\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\mediamarkt\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=BE&userid=a1cf6028-cc2f-4808-a0b4-e18f341316bc&searchtype=ds&q={searchTerms}&installDate=07/05/2013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ae0cd6900000000000000022fb03225c&tlver=1.4.19.19&affID=18606
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.1\bh\funmoods.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O2 - BHO: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension\ScriptHost.dll
O2 - BHO: LyricsTube - {B399EDE8-1525-458C-8DD9-31EADF632D06} - C:\Program Files\LyricsTube\lrcstube.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.1\funmoodsTlbr.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\mediamarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\mediamarkt\AppData\Local\Smartbar\Application\QuickShare.exe startup
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\mediamarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\mediamarkt\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1120/Navigram.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 20078 bytes
-
Is gebeurd. Tot nu toe geen problemen meer gehad.
-
Ik heb ondertussen al 15 GB kunnen kopiëren naar een externe harde schijf zonder enig probleem. Windows verkenner reageert ook al wat vlugger. Ik denk dat de grootste problemen opgelost zijn. Heel erg bedankt!
-
TDSSKiller heeft 2 maal een scan gedaan. De eerste keer waren er 3 threats. Dus ik post beide logjes.
17:00:49.0949 1524 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:00:50.0142 1524 ============================================================
17:00:50.0143 1524 Current date / time: 2013/01/15 17:00:50.0142
17:00:50.0143 1524 SystemInfo:
17:00:50.0143 1524
17:00:50.0143 1524 OS Version: 6.0.6001 ServicePack: 1.0
17:00:50.0143 1524 Product type: Workstation
17:00:50.0143 1524 ComputerName: PC_VAN_SONY
17:00:50.0144 1524 UserName: Sony
17:00:50.0144 1524 Windows directory: C:\Windows
17:00:50.0144 1524 System windows directory: C:\Windows
17:00:50.0144 1524 Processor architecture: Intel x86
17:00:50.0144 1524 Number of processors: 2
17:00:50.0144 1524 Page size: 0x1000
17:00:50.0144 1524 Boot type: Normal boot
17:00:50.0144 1524 ============================================================
17:00:51.0163 1524 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:00:51.0170 1524 ============================================================
17:00:51.0170 1524 \Device\Harddisk0\DR0:
17:00:51.0187 1524 MBR partitions:
17:00:51.0187 1524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B54800, BlocksNum 0x1CD6682F
17:00:51.0187 1524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E8BB800, BlocksNum 0x1BACA000
17:00:51.0187 1524 ============================================================
17:00:51.0251 1524 C: <-> \Device\Harddisk0\DR0\Partition1
17:00:51.0328 1524 D: <-> \Device\Harddisk0\DR0\Partition2
17:00:51.0329 1524 ============================================================
17:00:51.0329 1524 Initialize success
17:00:51.0329 1524 ============================================================
17:01:10.0291 5484 ============================================================
17:01:10.0292 5484 Scan started
17:01:10.0292 5484 Mode: Manual;
17:01:10.0292 5484 ============================================================
17:01:12.0374 5484 ================ Scan system memory ========================
17:01:12.0375 5484 System memory - ok
17:01:12.0375 5484 ================ Scan services =============================
17:01:12.0735 5484 [ 35F57598F0589FEB3C3ABC1621BF329F ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:01:12.0744 5484 ACDaemon - ok
17:01:13.0320 5484 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
17:01:13.0354 5484 ACPI - ok
17:01:13.0446 5484 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
17:01:13.0476 5484 AdobeActiveFileMonitor6.0 - ok
17:01:13.0567 5484 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:01:13.0571 5484 AdobeARMservice - ok
17:01:13.0710 5484 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:01:13.0754 5484 AdobeFlashPlayerUpdateSvc - ok
17:01:13.0841 5484 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:01:13.0855 5484 adp94xx - ok
17:01:13.0910 5484 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:01:13.0921 5484 adpahci - ok
17:01:13.0954 5484 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:01:13.0976 5484 adpu160m - ok
17:01:14.0009 5484 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:01:14.0016 5484 adpu320 - ok
17:01:14.0058 5484 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:01:14.0060 5484 AeLookupSvc - ok
17:01:14.0122 5484 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
17:01:14.0172 5484 AFD - ok
17:01:14.0231 5484 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:01:14.0254 5484 agp440 - ok
17:01:14.0309 5484 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:01:14.0315 5484 aic78xx - ok
17:01:14.0333 5484 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
17:01:14.0339 5484 ALG - ok
17:01:14.0365 5484 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
17:01:14.0369 5484 aliide - ok
17:01:14.0392 5484 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:01:14.0397 5484 amdagp - ok
17:01:14.0415 5484 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
17:01:14.0420 5484 amdide - ok
17:01:14.0456 5484 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:01:14.0461 5484 AmdK7 - ok
17:01:14.0475 5484 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:01:14.0497 5484 AmdK8 - ok
17:01:14.0552 5484 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
17:01:14.0559 5484 ApfiltrService - ok
17:01:14.0616 5484 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
17:01:14.0621 5484 Appinfo - ok
17:01:14.0769 5484 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:01:14.0785 5484 Apple Mobile Device - ok
17:01:14.0814 5484 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
17:01:14.0819 5484 arc - ok
17:01:14.0867 5484 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:01:14.0872 5484 arcsas - ok
17:01:14.0909 5484 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
17:01:14.0913 5484 ArcSoftKsUFilter - ok
17:01:15.0020 5484 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:01:15.0024 5484 aspnet_state - ok
17:01:15.0073 5484 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:01:15.0078 5484 AsyncMac - ok
17:01:15.0122 5484 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
17:01:15.0127 5484 atapi - ok
17:01:15.0216 5484 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
17:01:15.0240 5484 Ati External Event Utility - ok
17:01:15.0423 5484 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:01:15.0557 5484 atikmdag - ok
17:01:15.0640 5484 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:01:15.0667 5484 AudioEndpointBuilder - ok
17:01:15.0681 5484 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:01:15.0687 5484 Audiosrv - ok
17:01:15.0808 5484 [ C4D15594DB5BE042D3346EA58DF87D89 ] avg9wd C:\Program Files\AVG\AVG9\avgwdsvc.exe
17:01:15.0814 5484 avg9wd - ok
17:01:15.0858 5484 [ A9F4D19DE72C738759330D10D35C4398 ] AvgLdx86 C:\Windows\System32\Drivers\avgldx86.sys
17:01:15.0867 5484 AvgLdx86 - ok
17:01:15.0908 5484 [ 80FF2B1B7EEDA966394F0BAA895BBF4B ] AvgMfx86 C:\Windows\System32\Drivers\avgmfx86.sys
17:01:15.0912 5484 AvgMfx86 - ok
17:01:15.0993 5484 [ 9A7A93388F503A34E7339AE7F9997449 ] AvgTdiX C:\Windows\System32\Drivers\avgtdix.sys
17:01:16.0016 5484 AvgTdiX - ok
17:01:16.0063 5484 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
17:01:16.0067 5484 Beep - ok
17:01:16.0134 5484 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll
17:01:16.0164 5484 BFE - ok
17:01:16.0227 5484 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll
17:01:16.0286 5484 BITS - ok
17:01:16.0326 5484 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:01:16.0332 5484 blbdrive - ok
17:01:16.0496 5484 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:01:16.0509 5484 Bonjour Service - ok
17:01:16.0563 5484 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:01:16.0570 5484 bowser - ok
17:01:16.0628 5484 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:01:16.0633 5484 BrFiltLo - ok
17:01:16.0657 5484 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:01:16.0661 5484 BrFiltUp - ok
17:01:16.0711 5484 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
17:01:16.0717 5484 Browser - ok
17:01:16.0745 5484 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:01:16.0752 5484 Brserid - ok
17:01:16.0779 5484 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:01:16.0784 5484 BrSerWdm - ok
17:01:16.0803 5484 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:01:16.0808 5484 BrUsbMdm - ok
17:01:16.0831 5484 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:01:16.0836 5484 BrUsbSer - ok
17:01:16.0912 5484 [ AE19CFBBBA41800F3D5343E21D2CA09F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:01:16.0928 5484 BthEnum - ok
17:01:16.0971 5484 [ 5FFA6988FF9597986FF2ADA736CC90C0 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:01:16.0976 5484 BTHMODEM - ok
17:01:16.0998 5484 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:01:17.0004 5484 BthPan - ok
17:01:17.0154 5484 [ 75F19DF0BC62992D05FDD8A32D968531 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:01:17.0183 5484 BTHPORT - ok
17:01:17.0226 5484 [ FC930B47A83F5F61DFADC64A0719DE43 ] BthServ C:\Windows\System32\bthserv.dll
17:01:17.0232 5484 BthServ - ok
17:01:17.0265 5484 [ 4CE2A25C5936BC515357D60FEE73F221 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:01:17.0270 5484 BTHUSB - ok
17:01:17.0328 5484 [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:01:17.0343 5484 btwaudio - ok
17:01:17.0386 5484 [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
17:01:17.0423 5484 btwavdt - ok
17:01:17.0526 5484 [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
17:01:17.0555 5484 btwdins - ok
17:01:17.0578 5484 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:01:17.0607 5484 btwl2cap - ok
17:01:17.0643 5484 [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:01:17.0647 5484 btwrchid - ok
17:01:17.0691 5484 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:01:17.0696 5484 cdfs - ok
17:01:17.0744 5484 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:01:17.0764 5484 cdrom - ok
17:01:17.0805 5484 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
17:01:17.0822 5484 CertPropSvc - ok
17:01:17.0863 5484 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
17:01:17.0868 5484 circlass - ok
17:01:17.0899 5484 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
17:01:17.0925 5484 CLFS - ok
17:01:17.0959 5484 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:01:17.0965 5484 clr_optimization_v2.0.50727_32 - ok
17:01:18.0108 5484 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:01:18.0152 5484 clr_optimization_v4.0.30319_32 - ok
17:01:18.0243 5484 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:01:18.0248 5484 CmBatt - ok
17:01:18.0265 5484 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:01:18.0270 5484 cmdide - ok
17:01:18.0296 5484 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:01:18.0325 5484 Compbatt - ok
17:01:18.0335 5484 COMSysApp - ok
17:01:18.0348 5484 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:01:18.0354 5484 crcdisk - ok
17:01:18.0380 5484 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:01:18.0384 5484 Crusoe - ok
17:01:18.0434 5484 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:01:18.0439 5484 CryptSvc - ok
17:01:18.0514 5484 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:01:18.0546 5484 DcomLaunch - ok
17:01:18.0598 5484 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:01:18.0624 5484 DfsC - ok
17:01:18.0792 5484 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
17:01:18.0908 5484 DFSR - ok
17:01:18.0989 5484 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:01:18.0995 5484 dg_ssudbus - ok
17:01:19.0056 5484 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:01:19.0069 5484 Dhcp - ok
17:01:19.0123 5484 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
17:01:19.0156 5484 disk - ok
17:01:19.0201 5484 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
17:01:19.0205 5484 DMICall - ok
17:01:19.0251 5484 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:01:19.0258 5484 Dnscache - ok
17:01:19.0287 5484 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
17:01:19.0296 5484 dot3svc - ok
17:01:19.0330 5484 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
17:01:19.0351 5484 DPS - ok
17:01:19.0431 5484 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:01:19.0435 5484 drmkaud - ok
17:01:19.0479 5484 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:01:19.0565 5484 DXGKrnl - ok
17:01:19.0583 5484 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:01:19.0591 5484 E1G60 - ok
17:01:19.0621 5484 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
17:01:19.0628 5484 EapHost - ok
17:01:19.0688 5484 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
17:01:19.0695 5484 Ecache - ok
17:01:19.0801 5484 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:01:19.0813 5484 ehRecvr - ok
17:01:19.0840 5484 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
17:01:19.0847 5484 ehSched - ok
17:01:19.0861 5484 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
17:01:19.0866 5484 ehstart - ok
17:01:19.0947 5484 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:01:19.0960 5484 elxstor - ok
17:01:20.0053 5484 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:01:20.0066 5484 EMDMgmt - ok
17:01:20.0093 5484 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:01:20.0098 5484 ErrDev - ok
17:01:20.0179 5484 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
17:01:20.0200 5484 EventSystem - ok
17:01:20.0365 5484 [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:01:20.0591 5484 EvtEng - ok
17:01:20.0627 5484 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
17:01:20.0634 5484 exfat - ok
17:01:20.0654 5484 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:01:20.0662 5484 fastfat - ok
17:01:20.0688 5484 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:01:20.0693 5484 fdc - ok
17:01:20.0733 5484 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
17:01:20.0759 5484 fdPHost - ok
17:01:20.0785 5484 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
17:01:20.0792 5484 FDResPub - ok
17:01:20.0812 5484 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:01:20.0817 5484 FileInfo - ok
17:01:20.0831 5484 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:01:20.0837 5484 Filetrace - ok
17:01:20.0918 5484 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:01:21.0021 5484 FLEXnet Licensing Service - ok
17:01:21.0071 5484 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:01:21.0076 5484 flpydisk - ok
17:01:21.0139 5484 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:01:21.0167 5484 FltMgr - ok
17:01:21.0234 5484 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:01:21.0237 5484 FontCache3.0.0.0 - ok
17:01:21.0255 5484 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:01:21.0259 5484 Fs_Rec - ok
17:01:21.0284 5484 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:01:21.0299 5484 gagp30kx - ok
17:01:21.0337 5484 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
17:01:21.0360 5484 GEARAspiWDM - ok
17:01:21.0462 5484 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
17:01:21.0477 5484 GoogleDesktopManager-051210-111108 - ok
17:01:21.0524 5484 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
17:01:21.0553 5484 gpsvc - ok
17:01:21.0615 5484 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:21.0640 5484 gupdate - ok
17:01:21.0649 5484 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:01:21.0652 5484 gupdatem - ok
17:01:21.0725 5484 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:01:21.0733 5484 gusvc - ok
17:01:21.0769 5484 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:01:21.0779 5484 HdAudAddService - ok
17:01:21.0803 5484 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:01:21.0808 5484 HDAudBus - ok
17:01:21.0827 5484 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:01:21.0831 5484 HidBth - ok
17:01:21.0846 5484 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
17:01:21.0850 5484 HidIr - ok
17:01:21.0895 5484 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
17:01:21.0919 5484 hidserv - ok
17:01:21.0956 5484 [ E2B5BD48AFCC0F0974FB44641B223250 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:01:21.0961 5484 HidUsb - ok
17:01:21.0988 5484 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:01:21.0996 5484 hkmsvc - ok
17:01:22.0042 5484 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:01:22.0054 5484 HpCISSs - ok
17:01:22.0076 5484 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
17:01:22.0086 5484 HSFHWAZL - ok
17:01:22.0157 5484 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
17:01:22.0215 5484 HSF_DPV - ok
17:01:22.0238 5484 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
17:01:22.0263 5484 HSXHWAZL - ok
17:01:22.0323 5484 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:01:22.0346 5484 HTTP - ok
17:01:22.0384 5484 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:01:22.0388 5484 i2omp - ok
17:01:22.0431 5484 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:01:22.0436 5484 i8042prt - ok
17:01:22.0514 5484 [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:01:22.0519 5484 iaStor - ok
17:01:22.0573 5484 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:01:22.0597 5484 iaStorV - ok
17:01:22.0679 5484 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:01:22.0801 5484 IDriverT - ok
17:01:22.0967 5484 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:01:23.0023 5484 idsvc - ok
17:01:23.0082 5484 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:01:23.0087 5484 iirsp - ok
17:01:23.0148 5484 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
17:01:23.0181 5484 IKEEXT - ok
17:01:23.0413 5484 [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:01:23.0711 5484 IntcAzAudAddService - ok
17:01:23.0754 5484 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
17:01:23.0764 5484 intelide - ok
17:01:23.0812 5484 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:01:23.0817 5484 intelppm - ok
17:01:23.0854 5484 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:01:23.0866 5484 IPBusEnum - ok
17:01:23.0886 5484 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:01:23.0910 5484 IpFilterDriver - ok
17:01:23.0964 5484 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:01:23.0997 5484 iphlpsvc - ok
17:01:24.0007 5484 IpInIp - ok
17:01:24.0043 5484 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:01:24.0059 5484 IPMIDRV - ok
17:01:24.0080 5484 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:01:24.0087 5484 IPNAT - ok
17:01:24.0181 5484 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:01:24.0267 5484 iPod Service - ok
17:01:24.0284 5484 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:01:24.0289 5484 IRENUM - ok
17:01:24.0321 5484 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:01:24.0337 5484 isapnp - ok
17:01:24.0380 5484 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:01:24.0388 5484 iScsiPrt - ok
17:01:24.0419 5484 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:01:24.0424 5484 iteatapi - ok
17:01:24.0442 5484 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:01:24.0446 5484 iteraid - ok
17:01:24.0475 5484 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
17:01:24.0493 5484 IviRegMgr - ok
17:01:24.0527 5484 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:01:24.0534 5484 kbdclass - ok
17:01:24.0570 5484 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:01:24.0576 5484 kbdhid - ok
17:01:24.0625 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
17:01:24.0654 5484 KeyIso - ok
17:01:24.0700 5484 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:01:24.0744 5484 KSecDD - ok
17:01:24.0845 5484 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:01:24.0888 5484 KtmRm - ok
17:01:24.0953 5484 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:01:25.0008 5484 LanmanServer - ok
17:01:25.0057 5484 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:01:25.0072 5484 LanmanWorkstation - ok
17:01:25.0173 5484 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
17:01:25.0396 5484 LinksysUpdater - ok
17:01:25.0452 5484 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:01:25.0469 5484 lltdio - ok
17:01:25.0510 5484 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:01:25.0537 5484 lltdsvc - ok
17:01:25.0572 5484 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:01:25.0580 5484 lmhosts - ok
17:01:25.0609 5484 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:01:25.0630 5484 LSI_FC - ok
17:01:25.0652 5484 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:01:25.0658 5484 LSI_SAS - ok
17:01:25.0672 5484 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:01:25.0679 5484 LSI_SCSI - ok
17:01:25.0714 5484 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
17:01:25.0741 5484 luafv - ok
17:01:25.0808 5484 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:01:25.0821 5484 Mcx2Svc - ok
17:01:25.0864 5484 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:01:25.0868 5484 mdmxsdk - ok
17:01:25.0934 5484 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
17:01:25.0939 5484 megasas - ok
17:01:25.0986 5484 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
17:01:26.0007 5484 MegaSR - ok
17:01:26.0045 5484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
17:01:26.0062 5484 MMCSS - ok
17:01:26.0108 5484 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
17:01:26.0128 5484 Modem - ok
17:01:26.0163 5484 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:01:26.0169 5484 monitor - ok
17:01:26.0192 5484 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:01:26.0196 5484 mouclass - ok
17:01:26.0216 5484 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:01:26.0220 5484 mouhid - ok
17:01:26.0246 5484 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:01:26.0251 5484 MountMgr - ok
17:01:26.0349 5484 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:01:26.0356 5484 MozillaMaintenance - ok
17:01:26.0399 5484 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
17:01:26.0413 5484 mpio - ok
17:01:26.0435 5484 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:01:26.0440 5484 mpsdrv - ok
17:01:26.0514 5484 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
17:01:26.0536 5484 MpsSvc - ok
17:01:26.0550 5484 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:01:26.0554 5484 Mraid35x - ok
17:01:26.0583 5484 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:01:26.0590 5484 MRxDAV - ok
17:01:26.0638 5484 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:01:26.0683 5484 mrxsmb - ok
17:01:26.0763 5484 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:01:26.0777 5484 mrxsmb10 - ok
17:01:26.0825 5484 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:01:26.0841 5484 mrxsmb20 - ok
17:01:26.0881 5484 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
17:01:26.0886 5484 msahci - ok
17:01:26.0989 5484 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
17:01:27.0091 5484 MSCSPTISRV - ok
17:01:27.0135 5484 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:01:27.0161 5484 msdsm - ok
17:01:27.0197 5484 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
17:01:27.0229 5484 MSDTC - ok
17:01:27.0277 5484 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:01:27.0285 5484 Msfs - ok
17:01:27.0310 5484 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:01:27.0315 5484 msisadrv - ok
17:01:27.0357 5484 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:01:27.0380 5484 MSiSCSI - ok
17:01:27.0391 5484 msiserver - ok
17:01:27.0466 5484 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:01:27.0470 5484 MSKSSRV - ok
17:01:27.0485 5484 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:01:27.0490 5484 MSPCLOCK - ok
17:01:27.0512 5484 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:01:27.0516 5484 MSPQM - ok
17:01:27.0547 5484 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:01:27.0555 5484 MsRPC - ok
17:01:27.0588 5484 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:01:27.0611 5484 mssmbios - ok
17:01:27.0621 5484 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:01:27.0627 5484 MSTEE - ok
17:01:27.0664 5484 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
17:01:27.0669 5484 Mup - ok
17:01:27.0712 5484 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
17:01:27.0729 5484 napagent - ok
17:01:27.0816 5484 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:01:27.0824 5484 NativeWifiP - ok
17:01:27.0871 5484 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:01:27.0900 5484 NDIS - ok
17:01:27.0924 5484 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:01:27.0928 5484 NdisTapi - ok
17:01:27.0941 5484 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:01:27.0946 5484 Ndisuio - ok
17:01:28.0002 5484 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:01:28.0009 5484 NdisWan - ok
17:01:28.0021 5484 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:01:28.0027 5484 NDProxy - ok
17:01:28.0049 5484 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:01:28.0054 5484 NetBIOS - ok
17:01:28.0073 5484 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:01:28.0082 5484 netbt - ok
17:01:28.0096 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
17:01:28.0101 5484 Netlogon - ok
17:01:28.0173 5484 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
17:01:28.0203 5484 Netman - ok
17:01:28.0221 5484 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
17:01:28.0235 5484 netprofm - ok
17:01:28.0284 5484 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:01:28.0306 5484 NetTcpPortSharing - ok
17:01:28.0538 5484 [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
17:01:28.0698 5484 NETw5v32 - ok
17:01:28.0740 5484 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:01:28.0761 5484 nfrd960 - ok
17:01:28.0791 5484 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:01:28.0798 5484 NlaSvc - ok
17:01:28.0855 5484 [ BF9E505065040D05F35F551A72100EF5 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
17:01:28.0873 5484 nlsX86cc - ok
17:01:28.0972 5484 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
17:01:29.0001 5484 nmservice - ok
17:01:29.0018 5484 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:01:29.0023 5484 Npfs - ok
17:01:29.0040 5484 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
17:01:29.0048 5484 nsi - ok
17:01:29.0085 5484 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:01:29.0111 5484 nsiproxy - ok
17:01:29.0228 5484 [ B30F5C423B45A6668EADAD883678E2D0 ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe
17:01:29.0403 5484 NSUService - ok
17:01:29.0475 5484 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:01:29.0519 5484 Ntfs - ok
17:01:29.0539 5484 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:01:29.0543 5484 ntrigdigi - ok
17:01:29.0559 5484 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
17:01:29.0564 5484 Null - ok
17:01:29.0583 5484 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:01:29.0590 5484 nvraid - ok
17:01:29.0617 5484 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:01:29.0623 5484 nvstor - ok
17:01:29.0637 5484 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:01:29.0689 5484 nv_agp - ok
17:01:29.0697 5484 NwlnkFlt - ok
17:01:29.0708 5484 NwlnkFwd - ok
17:01:29.0811 5484 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:01:29.0867 5484 odserv - ok
17:01:29.0910 5484 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:01:29.0915 5484 ohci1394 - ok
17:01:30.0025 5484 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:01:30.0045 5484 ose - ok
17:01:30.0115 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:01:30.0144 5484 p2pimsvc - ok
17:01:30.0173 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
17:01:30.0188 5484 p2psvc - ok
17:01:30.0230 5484 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
17:01:30.0288 5484 PACSPTISVR - ok
17:01:30.0330 5484 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:01:30.0336 5484 Parport - ok
17:01:30.0357 5484 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:01:30.0362 5484 partmgr - ok
17:01:30.0381 5484 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:01:30.0408 5484 Parvdm - ok
17:01:30.0476 5484 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
17:01:30.0484 5484 PcaSvc - ok
17:01:30.0509 5484 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
17:01:30.0517 5484 pci - ok
17:01:30.0533 5484 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
17:01:30.0537 5484 pciide - ok
17:01:30.0563 5484 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:01:30.0571 5484 pcmcia - ok
17:01:30.0623 5484 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
17:01:30.0629 5484 pcouffin - ok
17:01:30.0680 5484 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:01:30.0723 5484 PEAUTH - ok
17:01:30.0869 5484 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
17:01:30.0935 5484 pla - ok
17:01:31.0008 5484 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:01:31.0031 5484 PlugPlay - ok
17:01:31.0064 5484 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
17:01:31.0068 5484 pnarp - ok
17:01:31.0100 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:01:31.0116 5484 PNRPAutoReg - ok
17:01:31.0158 5484 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:01:31.0172 5484 PNRPsvc - ok
17:01:31.0213 5484 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:01:31.0234 5484 PolicyAgent - ok
17:01:31.0264 5484 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:01:31.0269 5484 PptpMiniport - ok
17:01:31.0295 5484 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
17:01:31.0301 5484 Processor - ok
17:01:31.0335 5484 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
17:01:31.0347 5484 ProfSvc - ok
17:01:31.0368 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:01:31.0372 5484 ProtectedStorage - ok
17:01:31.0409 5484 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:01:31.0414 5484 PSched - ok
17:01:31.0439 5484 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\Windows\system32\DRIVERS\purendis.sys
17:01:31.0443 5484 purendis - ok
17:01:31.0479 5484 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:01:31.0485 5484 PxHelp20 - ok
17:01:31.0627 5484 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:01:31.0671 5484 ql2300 - ok
17:01:31.0697 5484 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:01:31.0714 5484 ql40xx - ok
17:01:31.0787 5484 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
17:01:31.0816 5484 QWAVE - ok
17:01:31.0831 5484 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:01:31.0836 5484 QWAVEdrv - ok
17:01:31.0870 5484 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:01:31.0880 5484 RasAcd - ok
17:01:31.0900 5484 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
17:01:31.0911 5484 RasAuto - ok
17:01:31.0942 5484 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:01:31.0948 5484 Rasl2tp - ok
17:01:31.0999 5484 [ AFB474438762F0418060653F7294D92C ] RasMan C:\Windows\System32\rasmans.dll
17:01:32.0014 5484 RasMan - ok
17:01:32.0042 5484 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:01:32.0047 5484 RasPppoe - ok
17:01:32.0061 5484 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:01:32.0067 5484 RasSstp - ok
17:01:32.0097 5484 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:01:32.0112 5484 rdbss - ok
17:01:32.0149 5484 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:01:32.0154 5484 RDPCDD - ok
17:01:32.0193 5484 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:01:32.0223 5484 rdpdr - ok
17:01:32.0232 5484 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:01:32.0238 5484 RDPENCDD - ok
17:01:32.0279 5484 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:01:32.0300 5484 RDPWD - ok
17:01:32.0348 5484 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
17:01:32.0352 5484 regi - ok
17:01:32.0451 5484 [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:01:32.0667 5484 RegSrvc - ok
17:01:32.0709 5484 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:01:32.0718 5484 RemoteAccess - ok
17:01:32.0757 5484 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:01:32.0778 5484 RemoteRegistry - ok
17:01:32.0807 5484 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:01:32.0816 5484 RFCOMM - ok
17:01:32.0838 5484 [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
17:01:32.0846 5484 rimsptsk - ok
17:01:32.0861 5484 [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys
17:01:32.0867 5484 risdptsk - ok
17:01:32.0900 5484 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:01:32.0908 5484 RpcLocator - ok
17:01:32.0947 5484 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
17:01:32.0960 5484 RpcSs - ok
17:01:32.0984 5484 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:01:32.0989 5484 rspndr - ok
17:01:33.0051 5484 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
17:01:33.0122 5484 RTHDMIAzAudService - ok
17:01:33.0158 5484 [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe
17:01:33.0240 5484 RtkAudioService - ok
17:01:33.0282 5484 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
17:01:33.0288 5484 SamSs - ok
17:01:33.0326 5484 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:01:33.0339 5484 sbp2port - ok
17:01:33.0398 5484 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:01:33.0409 5484 SCardSvr - ok
17:01:33.0503 5484 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
17:01:33.0525 5484 Schedule - ok
17:01:33.0558 5484 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
17:01:33.0561 5484 SCPolicySvc - ok
17:01:33.0615 5484 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:01:33.0621 5484 sdbus - ok
17:01:33.0638 5484 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:01:33.0660 5484 SDRSVC - ok
17:01:33.0676 5484 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:01:33.0681 5484 secdrv - ok
17:01:33.0713 5484 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
17:01:33.0722 5484 seclogon - ok
17:01:33.0756 5484 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
17:01:33.0765 5484 SENS - ok
17:01:33.0786 5484 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:01:33.0791 5484 Serenum - ok
17:01:33.0812 5484 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:01:33.0818 5484 Serial - ok
17:01:33.0854 5484 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:01:33.0868 5484 sermouse - ok
17:01:33.0916 5484 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:01:33.0940 5484 SessionEnv - ok
17:01:33.0976 5484 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
17:01:33.0991 5484 SFEP - ok
17:01:34.0011 5484 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:01:34.0016 5484 sffdisk - ok
17:01:34.0034 5484 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:01:34.0039 5484 sffp_mmc - ok
17:01:34.0061 5484 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:01:34.0066 5484 sffp_sd - ok
17:01:34.0092 5484 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:01:34.0103 5484 sfloppy - ok
17:01:34.0194 5484 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:01:34.0208 5484 SharedAccess - ok
17:01:34.0245 5484 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:01:34.0270 5484 ShellHWDetection - ok
17:01:34.0293 5484 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:01:34.0299 5484 sisagp - ok
17:01:34.0314 5484 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:01:34.0318 5484 SiSRaid2 - ok
17:01:34.0358 5484 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:01:34.0381 5484 SiSRaid4 - ok
17:01:34.0425 5484 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:01:34.0433 5484 SkypeUpdate - ok
17:01:34.0574 5484 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
17:01:34.0672 5484 slsvc - ok
17:01:34.0704 5484 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:01:34.0714 5484 SLUINotify - ok
17:01:34.0740 5484 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:01:34.0752 5484 Smb - ok
17:01:34.0808 5484 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:01:34.0817 5484 SNMPTRAP - ok
17:01:34.0854 5484 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
17:01:34.0860 5484 SOHCImp - ok
17:01:34.0921 5484 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
17:01:34.0933 5484 SOHDms - ok
17:01:34.0956 5484 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
17:01:34.0959 5484 SOHDs - ok
17:01:34.0993 5484 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
17:01:35.0010 5484 spldr - ok
17:01:35.0091 5484 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
17:01:35.0154 5484 Spooler - ok
17:01:35.0255 5484 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\Windows\system32\Drivers\sptd.sys
17:01:35.0338 5484 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9
17:01:35.0341 5484 sptd ( LockedFile.Multi.Generic ) - warning
17:01:35.0341 5484 sptd - detected LockedFile.Multi.Generic (1)
17:01:35.0402 5484 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
17:01:35.0516 5484 SPTISRV - ok
17:01:35.0569 5484 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:01:35.0595 5484 srv - ok
17:01:35.0651 5484 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:01:35.0681 5484 srv2 - ok
17:01:35.0705 5484 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:01:35.0713 5484 srvnet - ok
17:01:35.0770 5484 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:01:35.0787 5484 SSDPSRV - ok
17:01:35.0823 5484 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:01:35.0835 5484 SstpSvc - ok
17:01:35.0900 5484 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:01:35.0909 5484 ssudmdm - ok
17:01:35.0951 5484 [ 84F8C797F357D1A53794A12B7CD36AC4 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys
17:01:35.0959 5484 ssudobex - ok
17:01:36.0020 5484 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
17:01:36.0049 5484 stisvc - ok
17:01:36.0281 5484 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
17:01:36.0337 5484 SupportSoft RemoteAssist - ok
17:01:36.0402 5484 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:01:36.0416 5484 swenum - ok
17:01:36.0483 5484 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
17:01:36.0554 5484 swprv - ok
17:01:36.0572 5484 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:01:36.0577 5484 Symc8xx - ok
17:01:36.0618 5484 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:01:36.0623 5484 Sym_hi - ok
17:01:36.0637 5484 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:01:36.0645 5484 Sym_u3 - ok
17:01:36.0707 5484 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
17:01:36.0744 5484 SysMain - ok
17:01:36.0769 5484 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:01:36.0781 5484 TabletInputService - ok
17:01:36.0807 5484 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:01:36.0838 5484 TapiSrv - ok
17:01:36.0860 5484 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
17:01:36.0885 5484 TBS - ok
17:01:37.0040 5484 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:01:37.0083 5484 Tcpip - ok
17:01:37.0241 5484 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:01:37.0254 5484 Tcpip6 - ok
17:01:37.0304 5484 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:01:37.0309 5484 tcpipreg - ok
17:01:37.0331 5484 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:01:37.0336 5484 TDPIPE - ok
17:01:37.0360 5484 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:01:37.0375 5484 TDTCP - ok
17:01:37.0395 5484 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:01:37.0401 5484 tdx - ok
17:01:37.0414 5484 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:01:37.0419 5484 TermDD - ok
17:01:37.0482 5484 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
17:01:37.0511 5484 TermService - ok
17:01:37.0538 5484 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
17:01:37.0548 5484 Themes - ok
17:01:37.0574 5484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
17:01:37.0578 5484 THREADORDER - ok
17:01:37.0686 5484 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:01:37.0700 5484 TomTomHOMEService - ok
17:01:37.0729 5484 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
17:01:37.0747 5484 TrkWks - ok
17:01:37.0813 5484 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:01:37.0834 5484 TrustedInstaller - ok
17:01:37.0878 5484 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:01:37.0884 5484 tssecsrv - ok
17:01:37.0900 5484 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:01:37.0904 5484 tunmp - ok
17:01:37.0926 5484 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:01:37.0936 5484 tunnel - ok
17:01:37.0975 5484 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:01:37.0980 5484 uagp35 - ok
17:01:38.0036 5484 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
17:01:38.0042 5484 uCamMonitor - ok
17:01:38.0075 5484 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:01:38.0084 5484 udfs - ok
17:01:38.0116 5484 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:01:38.0136 5484 UI0Detect - ok
17:01:38.0146 5484 UIUSys - ok
17:01:38.0175 5484 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:01:38.0205 5484 uliagpkx - ok
17:01:38.0263 5484 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:01:38.0306 5484 uliahci - ok
17:01:38.0329 5484 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:01:38.0335 5484 UlSata - ok
17:01:38.0360 5484 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:01:38.0404 5484 ulsata2 - ok
17:01:38.0440 5484 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:01:38.0461 5484 umbus - ok
17:01:38.0499 5484 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
17:01:38.0522 5484 upnphost - ok
17:01:38.0568 5484 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:01:38.0589 5484 USBAAPL - ok
17:01:38.0649 5484 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:01:38.0657 5484 usbaudio - ok
17:01:38.0716 5484 [ A7CD5B4ADEA26765CAB06BDAB7B07B13 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:01:38.0723 5484 usbccgp - ok
17:01:38.0793 5484 [ 2825E0E294686A26506690059E1F437A ] USBCCID C:\Windows\system32\DRIVERS\usbccid.sys
17:01:38.0835 5484 USBCCID - ok
17:01:38.0861 5484 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:01:38.0882 5484 usbcir - ok
17:01:38.0916 5484 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:01:38.0932 5484 usbehci - ok
17:01:38.0991 5484 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:01:39.0000 5484 usbhub - ok
17:01:39.0017 5484 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:01:39.0022 5484 usbohci - ok
17:01:39.0054 5484 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:01:39.0059 5484 usbprint - ok
17:01:39.0088 5484 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:01:39.0093 5484 usbscan - ok
17:01:39.0163 5484 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:01:39.0169 5484 USBSTOR - ok
17:01:39.0215 5484 [ 40F95A3D6D50D82F947F1D167C2EC39D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:01:39.0233 5484 usbuhci - ok
17:01:39.0272 5484 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:01:39.0280 5484 usbvideo - ok
17:01:39.0300 5484 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
17:01:39.0310 5484 UxSms - ok
17:01:39.0375 5484 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe
17:01:39.0384 5484 VAIO Event Service - ok
17:01:39.0485 5484 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
17:01:39.0552 5484 VAIO Power Management - ok
17:01:39.0632 5484 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
17:01:39.0800 5484 VCFw - ok
17:01:39.0858 5484 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
17:01:39.0871 5484 VcmIAlzMgr - ok
17:01:39.0914 5484 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
17:01:39.0920 5484 VcmXmlIfHelper - ok
17:01:39.0956 5484 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
17:01:39.0983 5484 vds - ok
17:01:40.0052 5484 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:01:40.0076 5484 vga - ok
17:01:40.0154 5484 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
17:01:40.0165 5484 VgaSave - ok
17:01:40.0207 5484 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:01:40.0212 5484 viaagp - ok
17:01:40.0259 5484 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:01:40.0265 5484 ViaC7 - ok
17:01:40.0312 5484 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
17:01:40.0316 5484 viaide - ok
17:01:40.0373 5484 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:01:40.0379 5484 volmgr - ok
17:01:40.0450 5484 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:01:40.0462 5484 volmgrx - ok
17:01:40.0524 5484 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:01:40.0553 5484 volsnap - ok
17:01:40.0585 5484 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:01:40.0592 5484 vsmraid - ok
17:01:40.0690 5484 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
17:01:40.0733 5484 VSS - ok
17:01:40.0850 5484 [ 416F115DC1003BB624D03E019C3D563D ] VUAgent C:\Program Files\sony\VAIO Update\VUAgent.exe
17:01:41.0064 5484 VUAgent - ok
17:01:41.0160 5484 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
17:01:41.0212 5484 W32Time - ok
17:01:41.0238 5484 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:01:41.0243 5484 WacomPen - ok
17:01:41.0261 5484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:01:41.0267 5484 Wanarp - ok
17:01:41.0275 5484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:01:41.0281 5484 Wanarpv6 - ok
17:01:41.0326 5484 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:01:41.0396 5484 wcncsvc - ok
17:01:41.0422 5484 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:01:41.0449 5484 WcsPlugInService - ok
17:01:41.0468 5484 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
17:01:41.0473 5484 Wd - ok
17:01:41.0503 5484 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:01:41.0547 5484 Wdf01000 - ok
17:01:41.0588 5484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:01:41.0597 5484 WdiServiceHost - ok
17:01:41.0605 5484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:01:41.0613 5484 WdiSystemHost - ok
17:01:41.0671 5484 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
17:01:41.0693 5484 WebClient - ok
17:01:41.0769 5484 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:01:41.0784 5484 Wecsvc - ok
17:01:41.0813 5484 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:01:41.0838 5484 wercplsupport - ok
17:01:41.0882 5484 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
17:01:41.0907 5484 WerSvc - ok
17:01:41.0965 5484 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:01:41.0973 5484 WimFltr - ok
17:01:42.0013 5484 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
17:01:42.0042 5484 winachsf - ok
17:01:42.0151 5484 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:01:42.0192 5484 WinDefend - ok
17:01:42.0206 5484 WinHttpAutoProxySvc - ok
17:01:42.0296 5484 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:01:42.0303 5484 Winmgmt - ok
17:01:42.0415 5484 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
17:01:42.0474 5484 WinRM - ok
17:01:42.0549 5484 [ F03110711B17AD31271CB2BAF0DBB2B1 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
17:01:42.0624 5484 WinUSB - ok
17:01:42.0687 5484 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:01:42.0732 5484 Wlansvc - ok
17:01:42.0882 5484 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:01:42.0953 5484 wlidsvc - ok
17:01:43.0031 5484 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:01:43.0036 5484 WmiAcpi - ok
17:01:43.0080 5484 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:01:43.0089 5484 wmiApSrv - ok
17:01:43.0255 5484 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:01:43.0285 5484 WMPNetworkSvc - ok
17:01:43.0333 5484 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:01:43.0347 5484 WPCSvc - ok
17:01:43.0380 5484 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:01:43.0401 5484 WPDBusEnum - ok
17:01:43.0477 5484 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:01:43.0498 5484 WpdUsb - ok
17:01:43.0749 5484 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:01:43.0771 5484 WPFFontCache_v0400 - ok
17:01:43.0801 5484 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:01:43.0815 5484 ws2ifsl - ok
17:01:43.0849 5484 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll
17:01:43.0856 5484 wscsvc - ok
17:01:43.0865 5484 WSearch - ok
17:01:43.0966 5484 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
17:01:44.0051 5484 wuauserv - ok
17:01:44.0072 5484 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:01:44.0092 5484 WUDFRd - ok
17:01:44.0157 5484 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:01:44.0169 5484 wudfsvc - ok
17:01:44.0208 5484 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
17:01:44.0213 5484 XAudio - ok
17:01:44.0243 5484 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
17:01:44.0256 5484 XAudioService - ok
17:01:44.0304 5484 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
17:01:44.0317 5484 yukonwlh - ok
17:01:44.0334 5484 ================ Scan global ===============================
17:01:44.0388 5484 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:01:44.0458 5484 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
17:01:44.0544 5484 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
17:01:44.0600 5484 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
17:01:44.0610 5484 [Global] - ok
17:01:44.0611 5484 ================ Scan MBR ==================================
17:01:44.0631 5484 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:01:45.0147 5484 \Device\Harddisk0\DR0 - ok
17:01:45.0148 5484 ================ Scan VBR ==================================
17:01:45.0160 5484 [ 1A3AA288306F95FEB2E7805ED918330D ] \Device\Harddisk0\DR0\Partition1
17:01:45.0164 5484 \Device\Harddisk0\DR0\Partition1 - ok
17:01:45.0186 5484 [ B49B14357609F57B5C894195D663F0BF ] \Device\Harddisk0\DR0\Partition2
17:01:45.0225 5484 \Device\Harddisk0\DR0\Partition2 - ok
17:01:45.0226 5484 ============================================================
17:01:45.0226 5484 Scan finished
17:01:45.0226 5484 ============================================================
17:01:45.0247 6848 Detected object count: 1
17:01:45.0247 6848 Actual detected object count: 1
17:03:59.0824 6848 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
17:03:59.0825 6848 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
17:03:59.0871 6848 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted on reboot
17:03:59.0909 6848 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
17:03:59.0909 6848 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
17:04:09.0508 0940 Deinitialize success
17:12:03.0062 4288 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:12:03.0374 4288 ============================================================
17:12:03.0374 4288 Current date / time: 2013/01/15 17:12:03.0374
17:12:03.0374 4288 SystemInfo:
17:12:03.0374 4288
17:12:03.0374 4288 OS Version: 6.0.6001 ServicePack: 1.0
17:12:03.0374 4288 Product type: Workstation
17:12:03.0374 4288 ComputerName: PC_VAN_SONY
17:12:03.0374 4288 UserName: Sony
17:12:03.0374 4288 Windows directory: C:\Windows
17:12:03.0374 4288 System windows directory: C:\Windows
17:12:03.0374 4288 Processor architecture: Intel x86
17:12:03.0374 4288 Number of processors: 2
17:12:03.0374 4288 Page size: 0x1000
17:12:03.0374 4288 Boot type: Normal boot
17:12:03.0374 4288 ============================================================
17:12:10.0693 4288 BG loaded
17:12:12.0316 4288 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:12:12.0331 4288 ============================================================
17:12:12.0331 4288 \Device\Harddisk0\DR0:
17:12:12.0347 4288 MBR partitions:
17:12:12.0347 4288 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B54800, BlocksNum 0x1CD6682F
17:12:12.0347 4288 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E8BB800, BlocksNum 0x1BACA000
17:12:12.0347 4288 ============================================================
17:12:12.0440 4288 C: <-> \Device\Harddisk0\DR0\Partition1
17:12:12.0487 4288 D: <-> \Device\Harddisk0\DR0\Partition2
17:12:12.0487 4288 ============================================================
17:12:12.0487 4288 Initialize success
17:12:12.0487 4288 ============================================================
17:12:19.0882 4832 ============================================================
17:12:19.0882 4832 Scan started
17:12:19.0882 4832 Mode: Manual;
17:12:19.0882 4832 ============================================================
17:12:26.0237 4832 ================ Scan system memory ========================
17:12:26.0237 4832 System memory - ok
17:12:26.0237 4832 ================ Scan services =============================
17:12:26.0877 4832 [ 35F57598F0589FEB3C3ABC1621BF329F ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:12:26.0955 4832 ACDaemon - ok
17:12:27.0610 4832 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
17:12:27.0610 4832 ACPI - ok
17:12:27.0938 4832 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
17:12:27.0938 4832 AdobeActiveFileMonitor6.0 - ok
17:12:28.0140 4832 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:12:53.0288 4832 AdobeARMservice - ok
17:12:53.0802 4832 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:12:53.0927 4832 AdobeFlashPlayerUpdateSvc - ok
17:12:54.0099 4832 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:12:54.0302 4832 adp94xx - ok
17:12:54.0489 4832 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:12:54.0614 4832 adpahci - ok
17:12:54.0645 4832 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:12:54.0707 4832 adpu160m - ok
17:12:54.0738 4832 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:12:54.0770 4832 adpu320 - ok
17:12:54.0848 4832 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:12:58.0436 4832 AeLookupSvc - ok
17:12:59.0091 4832 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
17:12:59.0138 4832 AFD - ok
17:12:59.0231 4832 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:12:59.0356 4832 agp440 - ok
17:12:59.0730 4832 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:12:59.0871 4832 aic78xx - ok
17:12:59.0918 4832 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
17:12:59.0933 4832 ALG - ok
17:13:00.0011 4832 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
17:13:00.0058 4832 aliide - ok
17:13:00.0152 4832 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:13:00.0183 4832 amdagp - ok
17:13:00.0292 4832 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
17:13:00.0495 4832 amdide - ok
17:13:00.0651 4832 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:13:00.0807 4832 AmdK7 - ok
17:13:01.0056 4832 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:13:01.0259 4832 AmdK8 - ok
17:13:01.0540 4832 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
17:13:01.0540 4832 ApfiltrService - ok
17:13:01.0649 4832 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
17:13:01.0649 4832 Appinfo - ok
17:13:01.0836 4832 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:13:01.0899 4832 Apple Mobile Device - ok
17:13:01.0946 4832 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
17:13:01.0961 4832 arc - ok
17:13:02.0055 4832 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:13:02.0148 4832 arcsas - ok
17:13:02.0195 4832 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
17:13:02.0211 4832 ArcSoftKsUFilter - ok
17:13:02.0616 4832 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:13:02.0632 4832 aspnet_state - ok
17:13:02.0694 4832 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:13:02.0726 4832 AsyncMac - ok
17:13:02.0772 4832 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
17:13:02.0866 4832 atapi - ok
17:13:03.0194 4832 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
17:13:03.0209 4832 Ati External Event Utility - ok
17:13:04.0348 4832 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:13:04.0426 4832 atikmdag - ok
17:13:04.0722 4832 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:13:04.0722 4832 AudioEndpointBuilder - ok
17:13:04.0754 4832 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:13:04.0754 4832 Audiosrv - ok
17:13:04.0988 4832 [ C4D15594DB5BE042D3346EA58DF87D89 ] avg9wd C:\Program Files\AVG\AVG9\avgwdsvc.exe
17:13:04.0988 4832 avg9wd - ok
17:13:05.0081 4832 [ A9F4D19DE72C738759330D10D35C4398 ] AvgLdx86 C:\Windows\System32\Drivers\avgldx86.sys
17:13:05.0081 4832 AvgLdx86 - ok
17:13:05.0159 4832 [ 80FF2B1B7EEDA966394F0BAA895BBF4B ] AvgMfx86 C:\Windows\System32\Drivers\avgmfx86.sys
17:13:05.0159 4832 AvgMfx86 - ok
17:13:05.0237 4832 [ 9A7A93388F503A34E7339AE7F9997449 ] AvgTdiX C:\Windows\System32\Drivers\avgtdix.sys
17:13:05.0237 4832 AvgTdiX - ok
17:13:05.0346 4832 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
17:13:05.0362 4832 Beep - ok
17:13:05.0487 4832 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll
17:13:05.0487 4832 BFE - ok
17:13:05.0612 4832 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll
17:13:05.0627 4832 BITS - ok
17:13:05.0674 4832 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:13:05.0690 4832 blbdrive - ok
17:13:05.0846 4832 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:13:05.0846 4832 Bonjour Service - ok
17:13:05.0924 4832 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:13:05.0924 4832 bowser - ok
17:13:06.0017 4832 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:13:06.0033 4832 BrFiltLo - ok
17:13:06.0095 4832 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:13:06.0111 4832 BrFiltUp - ok
17:13:06.0158 4832 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
17:13:06.0158 4832 Browser - ok
17:13:06.0236 4832 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:13:06.0267 4832 Brserid - ok
17:13:06.0314 4832 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:13:06.0329 4832 BrSerWdm - ok
17:13:06.0392 4832 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:13:06.0407 4832 BrUsbMdm - ok
17:13:06.0454 4832 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:13:06.0470 4832 BrUsbSer - ok
17:13:06.0548 4832 [ AE19CFBBBA41800F3D5343E21D2CA09F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:13:06.0579 4832 BthEnum - ok
17:13:06.0657 4832 [ 5FFA6988FF9597986FF2ADA736CC90C0 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:13:06.0688 4832 BTHMODEM - ok
17:13:06.0750 4832 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:13:06.0766 4832 BthPan - ok
17:13:06.0984 4832 [ 75F19DF0BC62992D05FDD8A32D968531 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:13:07.0125 4832 BTHPORT - ok
17:13:07.0296 4832 [ FC930B47A83F5F61DFADC64A0719DE43 ] BthServ C:\Windows\System32\bthserv.dll
17:13:07.0296 4832 BthServ - ok
17:13:07.0374 4832 [ 4CE2A25C5936BC515357D60FEE73F221 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:13:07.0374 4832 BTHUSB - ok
17:13:07.0562 4832 [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:13:07.0608 4832 btwaudio - ok
17:13:07.0702 4832 [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
17:13:07.0733 4832 btwavdt - ok
17:13:08.0045 4832 [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
17:13:08.0061 4832 btwdins - ok
17:13:08.0123 4832 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:13:08.0123 4832 btwl2cap - ok
17:13:08.0248 4832 [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:13:08.0248 4832 btwrchid - ok
17:13:08.0310 4832 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:13:08.0310 4832 cdfs - ok
17:13:08.0357 4832 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:13:08.0357 4832 cdrom - ok
17:13:08.0435 4832 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
17:13:08.0435 4832 CertPropSvc - ok
17:13:08.0466 4832 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
17:13:08.0498 4832 circlass - ok
17:13:08.0560 4832 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
17:13:08.0560 4832 CLFS - ok
17:13:08.0607 4832 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:13:08.0685 4832 clr_optimization_v2.0.50727_32 - ok
17:13:09.0075 4832 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:13:09.0262 4832 clr_optimization_v4.0.30319_32 - ok
17:13:09.0402 4832 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:13:09.0402 4832 CmBatt - ok
17:13:09.0449 4832 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:13:09.0449 4832 cmdide - ok
17:13:09.0512 4832 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:13:09.0543 4832 Compbatt - ok
17:13:09.0558 4832 COMSysApp - ok
17:13:09.0574 4832 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:13:09.0590 4832 crcdisk - ok
17:13:09.0621 4832 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:13:09.0636 4832 Crusoe - ok
17:13:09.0714 4832 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:13:09.0714 4832 CryptSvc - ok
17:13:09.0792 4832 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:13:09.0808 4832 DcomLaunch - ok
17:13:09.0855 4832 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:13:09.0855 4832 DfsC - ok
17:13:10.0058 4832 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
17:13:10.0276 4832 DFSR - ok
17:13:10.0354 4832 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:13:10.0354 4832 dg_ssudbus - ok
17:13:10.0448 4832 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:13:10.0448 4832 Dhcp - ok
17:13:10.0541 4832 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
17:13:10.0541 4832 disk - ok
17:13:10.0604 4832 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
17:13:10.0604 4832 DMICall - ok
17:13:10.0666 4832 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:13:10.0682 4832 Dnscache - ok
17:13:10.0775 4832 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
17:13:10.0791 4832 dot3svc - ok
17:13:10.0884 4832 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
17:13:10.0900 4832 DPS - ok
17:13:10.0962 4832 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:13:10.0978 4832 drmkaud - ok
17:13:11.0118 4832 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:13:11.0118 4832 DXGKrnl - ok
17:13:11.0196 4832 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:13:11.0274 4832 E1G60 - ok
17:13:11.0321 4832 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
17:13:11.0337 4832 EapHost - ok
17:13:11.0477 4832 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
17:13:11.0524 4832 Ecache - ok
17:13:11.0789 4832 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:13:11.0805 4832 ehRecvr - ok
17:13:11.0867 4832 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
17:13:11.0867 4832 ehSched - ok
17:13:11.0914 4832 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
17:13:11.0914 4832 ehstart - ok
17:13:12.0008 4832 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:13:12.0179 4832 elxstor - ok
17:13:12.0288 4832 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:13:12.0288 4832 EMDMgmt - ok
17:13:12.0351 4832 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:13:12.0398 4832 ErrDev - ok
17:13:12.0507 4832 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
17:13:12.0507 4832 EventSystem - ok
17:13:12.0710 4832 [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:13:12.0725 4832 EvtEng - ok
17:13:12.0788 4832 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
17:13:12.0819 4832 exfat - ok
17:13:12.0866 4832 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:13:12.0881 4832 fastfat - ok
17:13:12.0959 4832 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:13:12.0975 4832 fdc - ok
17:13:13.0006 4832 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
17:13:13.0006 4832 fdPHost - ok
17:13:13.0023 4832 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
17:13:13.0023 4832 FDResPub - ok
17:13:13.0085 4832 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:13:13.0101 4832 FileInfo - ok
17:13:13.0132 4832 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:13:13.0147 4832 Filetrace - ok
17:13:13.0288 4832 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:13:13.0537 4832 FLEXnet Licensing Service - ok
17:13:13.0584 4832 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:13:13.0584 4832 flpydisk - ok
17:13:13.0647 4832 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:13:13.0647 4832 FltMgr - ok
17:13:13.0740 4832 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:13:13.0740 4832 FontCache3.0.0.0 - ok
17:13:13.0771 4832 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:13:13.0771 4832 Fs_Rec - ok
17:13:13.0849 4832 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:13:13.0881 4832 gagp30kx - ok
17:13:13.0927 4832 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
17:13:13.0927 4832 GEARAspiWDM - ok
17:13:14.0099 4832 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
17:13:14.0099 4832 GoogleDesktopManager-051210-111108 - ok
17:13:14.0177 4832 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
17:13:14.0193 4832 gpsvc - ok
17:13:14.0271 4832 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:13:14.0271 4832 gupdate - ok
17:13:14.0286 4832 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:13:14.0302 4832 gupdatem - ok
17:13:14.0411 4832 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:13:14.0458 4832 gusvc - ok
17:13:14.0598 4832 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:13:14.0645 4832 HdAudAddService - ok
17:13:14.0692 4832 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:13:14.0692 4832 HDAudBus - ok
17:13:14.0723 4832 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:13:14.0739 4832 HidBth - ok
17:13:14.0801 4832 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
17:13:14.0801 4832 HidIr - ok
17:13:14.0879 4832 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
17:13:14.0879 4832 hidserv - ok
17:13:14.0926 4832 [ E2B5BD48AFCC0F0974FB44641B223250 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:13:14.0926 4832 HidUsb - ok
17:13:14.0973 4832 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:13:14.0988 4832 hkmsvc - ok
17:13:15.0097 4832 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:13:15.0113 4832 HpCISSs - ok
17:13:15.0160 4832 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
17:13:15.0175 4832 HSFHWAZL - ok
17:13:15.0316 4832 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
17:13:15.0331 4832 HSF_DPV - ok
17:13:15.0394 4832 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
17:13:15.0394 4832 HSXHWAZL - ok
17:13:15.0487 4832 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:13:15.0487 4832 HTTP - ok
17:13:15.0534 4832 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:13:15.0550 4832 i2omp - ok
17:13:15.0643 4832 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:13:15.0659 4832 i8042prt - ok
17:13:15.0753 4832 [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:13:15.0753 4832 iaStor - ok
17:13:15.0784 4832 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:13:15.0877 4832 iaStorV - ok
17:13:16.0033 4832 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:13:16.0080 4832 IDriverT - ok
17:13:16.0189 4832 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:13:16.0314 4832 idsvc - ok
17:13:16.0361 4832 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:13:16.0361 4832 iirsp - ok
17:13:16.0455 4832 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
17:13:16.0470 4832 IKEEXT - ok
17:13:16.0689 4832 [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:13:16.0767 4832 IntcAzAudAddService - ok
17:13:16.0829 4832 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
17:13:16.0829 4832 intelide - ok
17:13:16.0891 4832 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:13:16.0891 4832 intelppm - ok
17:13:16.0938 4832 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:13:16.0954 4832 IPBusEnum - ok
17:13:17.0063 4832 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:13:17.0079 4832 IpFilterDriver - ok
17:13:17.0157 4832 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:13:17.0157 4832 iphlpsvc - ok
17:13:17.0172 4832 IpInIp - ok
17:13:17.0203 4832 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:13:17.0219 4832 IPMIDRV - ok
17:13:17.0250 4832 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:13:17.0266 4832 IPNAT - ok
17:13:17.0391 4832 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:13:17.0453 4832 iPod Service - ok
17:13:17.0469 4832 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:13:17.0484 4832 IRENUM - ok
17:13:17.0515 4832 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:13:17.0531 4832 isapnp - ok
17:13:17.0593 4832 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:13:17.0609 4832 iScsiPrt - ok
17:13:17.0640 4832 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:13:17.0640 4832 iteatapi - ok
17:13:17.0703 4832 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:13:17.0718 4832 iteraid - ok
17:13:17.0749 4832 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
17:13:17.0749 4832 IviRegMgr - ok
17:13:17.0812 4832 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:13:17.0827 4832 kbdclass - ok
17:13:17.0859 4832 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:13:17.0859 4832 kbdhid - ok
17:13:17.0921 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
17:13:17.0921 4832 KeyIso - ok
17:13:17.0968 4832 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:13:18.0030 4832 KSecDD - ok
17:13:18.0093 4832 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:13:18.0155 4832 KtmRm - ok
17:13:18.0217 4832 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:13:18.0217 4832 LanmanServer - ok
17:13:18.0311 4832 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:13:18.0311 4832 LanmanWorkstation - ok
17:13:19.0153 4832 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
17:13:19.0153 4832 LinksysUpdater - ok
17:13:19.0372 4832 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:13:19.0372 4832 lltdio - ok
17:13:20.0994 4832 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:13:21.0057 4832 lltdsvc - ok
17:13:22.0882 4832 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:13:22.0882 4832 lmhosts - ok
17:13:24.0692 4832 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:13:24.0817 4832 LSI_FC - ok
17:13:29.0653 4832 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:13:29.0700 4832 LSI_SAS - ok
17:13:31.0447 4832 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:13:31.0510 4832 LSI_SCSI - ok
17:13:33.0210 4832 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
17:13:33.0210 4832 luafv - ok
17:13:34.0146 4832 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:13:34.0224 4832 Mcx2Svc - ok
17:13:34.0895 4832 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:13:34.0895 4832 mdmxsdk - ok
17:13:35.0316 4832 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
17:13:35.0316 4832 megasas - ok
17:13:35.0581 4832 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
17:13:35.0659 4832 MegaSR - ok
17:13:35.0831 4832 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
17:13:35.0831 4832 MMCSS - ok
17:13:36.0174 4832 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
17:13:36.0174 4832 Modem - ok
17:13:36.0408 4832 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:13:36.0408 4832 monitor - ok
17:13:36.0580 4832 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:13:36.0595 4832 mouclass - ok
17:13:36.0782 4832 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:13:36.0798 4832 mouhid - ok
17:13:36.0985 4832 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:13:36.0985 4832 MountMgr - ok
17:13:37.0328 4832 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:13:37.0360 4832 MozillaMaintenance - ok
17:13:37.0625 4832 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
17:13:37.0640 4832 mpio - ok
17:13:38.0717 4832 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:13:38.0717 4832 mpsdrv - ok
17:13:40.0152 4832 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
17:13:40.0168 4832 MpsSvc - ok
17:13:41.0540 4832 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:13:41.0603 4832 Mraid35x - ok
17:13:41.0650 4832 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:13:41.0650 4832 MRxDAV - ok
17:13:41.0728 4832 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:13:41.0728 4832 mrxsmb - ok
17:13:41.0806 4832 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:13:41.0806 4832 mrxsmb10 - ok
17:13:42.0040 4832 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:13:42.0040 4832 mrxsmb20 - ok
17:13:42.0164 4832 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
17:13:42.0242 4832 msahci - ok
17:13:42.0648 4832 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
17:13:42.0788 4832 MSCSPTISRV - ok
17:13:42.0835 4832 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:13:42.0898 4832 msdsm - ok
17:13:42.0960 4832 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
17:13:43.0085 4832 MSDTC - ok
17:13:43.0506 4832 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:13:43.0506 4832 Msfs - ok
17:13:43.0568 4832 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:13:43.0646 4832 msisadrv - ok
17:13:43.0771 4832 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:13:43.0849 4832 MSiSCSI - ok
17:13:43.0880 4832 msiserver - ok
17:13:44.0068 4832 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:13:44.0099 4832 MSKSSRV - ok
17:13:44.0270 4832 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:13:44.0395 4832 MSPCLOCK - ok
17:13:44.0816 4832 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:13:44.0863 4832 MSPQM - ok
17:13:44.0910 4832 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:13:45.0206 4832 MsRPC - ok
17:13:45.0238 4832 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:13:45.0238 4832 mssmbios - ok
17:13:45.0284 4832 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:13:45.0331 4832 MSTEE - ok
17:13:45.0362 4832 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
17:13:45.0362 4832 Mup - ok
17:13:45.0487 4832 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
17:13:45.0487 4832 napagent - ok
17:13:45.0550 4832 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:13:45.0550 4832 NativeWifiP - ok
17:13:45.0690 4832 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:13:45.0908 4832 NDIS - ok
17:13:45.0940 4832 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:13:45.0955 4832 NdisTapi - ok
17:13:46.0018 4832 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:13:46.0018 4832 Ndisuio - ok
17:13:46.0080 4832 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:13:46.0080 4832 NdisWan - ok
17:13:46.0111 4832 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:13:46.0111 4832 NDProxy - ok
17:13:46.0205 4832 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:13:46.0205 4832 NetBIOS - ok
17:13:46.0267 4832 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:13:46.0283 4832 netbt - ok
17:13:46.0314 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
17:13:46.0314 4832 Netlogon - ok
17:13:46.0408 4832 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
17:13:46.0423 4832 Netman - ok
17:13:46.0501 4832 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
17:13:46.0517 4832 netprofm - ok
17:13:46.0564 4832 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:46.0610 4832 NetTcpPortSharing - ok
17:13:47.0000 4832 [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
17:13:47.0110 4832 NETw5v32 - ok
17:13:47.0203 4832 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:13:47.0203 4832 nfrd960 - ok
17:13:47.0406 4832 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:13:47.0406 4832 NlaSvc - ok
17:13:47.0484 4832 [ BF9E505065040D05F35F551A72100EF5 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
17:13:47.0500 4832 nlsX86cc - ok
17:13:47.0702 4832 [ 82C5A813E8EA7E94DC1AFA24CD803B80 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
17:13:47.0718 4832 nmservice - ok
17:13:47.0749 4832 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:13:47.0765 4832 Npfs - ok
17:13:47.0812 4832 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
17:13:47.0827 4832 nsi - ok
17:13:47.0843 4832 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:13:47.0858 4832 nsiproxy - ok
17:13:48.0030 4832 [ B30F5C423B45A6668EADAD883678E2D0 ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe
17:13:48.0030 4832 NSUService - ok
17:13:48.0264 4832 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:13:48.0701 4832 Ntfs - ok
17:13:48.0779 4832 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:13:48.0779 4832 ntrigdigi - ok
17:13:48.0841 4832 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
17:13:48.0841 4832 Null - ok
17:13:48.0966 4832 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:13:48.0997 4832 nvraid - ok
17:13:49.0091 4832 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:13:49.0169 4832 nvstor - ok
17:13:49.0216 4832 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:13:49.0231 4832 nv_agp - ok
17:13:49.0278 4832 NwlnkFlt - ok
17:13:49.0294 4832 NwlnkFwd - ok
17:13:49.0496 4832 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:13:49.0652 4832 odserv - ok
17:13:49.0684 4832 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:13:49.0684 4832 ohci1394 - ok
17:13:49.0949 4832 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:13:50.0027 4832 ose - ok
17:13:50.0245 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:13:50.0261 4832 p2pimsvc - ok
17:13:50.0666 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
17:13:50.0682 4832 p2psvc - ok
17:13:50.0807 4832 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
17:13:50.0838 4832 PACSPTISVR - ok
17:13:50.0916 4832 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:13:50.0916 4832 Parport - ok
17:13:50.0963 4832 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:13:50.0995 4832 partmgr - ok
17:13:51.0026 4832 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:13:51.0057 4832 Parvdm - ok
17:13:51.0182 4832 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
17:13:51.0182 4832 PcaSvc - ok
17:13:51.0245 4832 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
17:13:51.0245 4832 pci - ok
17:13:51.0291 4832 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
17:13:51.0307 4832 pciide - ok
17:13:51.0338 4832 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:13:51.0494 4832 pcmcia - ok
17:13:51.0541 4832 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
17:13:51.0666 4832 pcouffin - ok
17:13:51.0822 4832 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:13:51.0837 4832 PEAUTH - ok
17:13:52.0165 4832 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
17:13:52.0212 4832 pla - ok
17:13:52.0290 4832 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:13:52.0305 4832 PlugPlay - ok
17:13:52.0383 4832 [ B63A3AE87ED0AC525B3AA88B39608BFC ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
17:13:52.0383 4832 pnarp - ok
17:13:52.0586 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:13:52.0602 4832 PNRPAutoReg - ok
17:13:52.0758 4832 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:13:52.0758 4832 PNRPsvc - ok
17:13:52.0851 4832 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:13:52.0851 4832 PolicyAgent - ok
17:13:52.0992 4832 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:13:52.0992 4832 PptpMiniport - ok
17:13:53.0039 4832 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
17:13:53.0070 4832 Processor - ok
17:13:53.0132 4832 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
17:13:53.0148 4832 ProfSvc - ok
17:13:53.0210 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:13:53.0226 4832 ProtectedStorage - ok
17:13:53.0257 4832 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:13:53.0257 4832 PSched - ok
17:13:53.0319 4832 [ 633CC728D6493C4263368A86928B0BFD ] purendis C:\Windows\system32\DRIVERS\purendis.sys
17:13:53.0319 4832 purendis - ok
17:13:53.0382 4832 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:13:53.0413 4832 PxHelp20 - ok
17:13:53.0585 4832 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:13:53.0756 4832 ql2300 - ok
17:13:53.0834 4832 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:13:53.0850 4832 ql40xx - ok
17:13:53.0990 4832 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
17:13:54.0006 4832 QWAVE - ok
17:13:54.0053 4832 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:13:54.0053 4832 QWAVEdrv - ok
17:13:54.0100 4832 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:13:54.0116 4832 RasAcd - ok
17:13:54.0163 4832 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
17:13:54.0178 4832 RasAuto - ok
17:13:54.0210 4832 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:13:54.0210 4832 Rasl2tp - ok
17:13:54.0319 4832 [ AFB474438762F0418060653F7294D92C ] RasMan C:\Windows\System32\rasmans.dll
17:13:54.0319 4832 RasMan - ok
17:13:54.0366 4832 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:13:54.0490 4832 RasPppoe - ok
17:13:54.0537 4832 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:13:54.0553 4832 RasSstp - ok
17:13:54.0631 4832 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:13:54.0646 4832 rdbss - ok
17:13:54.0678 4832 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:13:54.0693 4832 RDPCDD - ok
17:13:54.0771 4832 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:13:54.0834 4832 rdpdr - ok
17:13:54.0865 4832 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:13:54.0865 4832 RDPENCDD - ok
17:13:55.0036 4832 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:13:55.0224 4832 RDPWD - ok
17:13:55.0458 4832 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
17:13:55.0458 4832 regi - ok
17:13:56.0331 4832 [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:13:56.0331 4832 RegSrvc - ok
17:13:56.0440 4832 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:13:56.0456 4832 RemoteAccess - ok
17:13:56.0518 4832 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:13:56.0534 4832 RemoteRegistry - ok
17:13:56.0690 4832 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:13:56.0955 4832 RFCOMM - ok
17:13:57.0033 4832 [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
17:13:57.0986 4832 rimsptsk - ok
17:13:58.0048 4832 [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys
17:13:58.0064 4832 risdptsk - ok
17:13:58.0126 4832 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:13:58.0126 4832 RpcLocator - ok
17:13:58.0298 4832 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
17:13:58.0313 4832 RpcSs - ok
17:13:58.0423 4832 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:13:58.0423 4832 rspndr - ok
17:13:58.0657 4832 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
17:13:58.0703 4832 RTHDMIAzAudService - ok
17:13:58.0828 4832 [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe
17:13:58.0828 4832 RtkAudioService - ok
17:13:58.0906 4832 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
17:13:58.0906 4832 SamSs - ok
17:13:59.0015 4832 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:13:59.0078 4832 sbp2port - ok
17:13:59.0218 4832 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:13:59.0234 4832 SCardSvr - ok
17:13:59.0437 4832 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
17:13:59.0452 4832 Schedule - ok
17:13:59.0515 4832 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
17:13:59.0515 4832 SCPolicySvc - ok
17:13:59.0686 4832 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:13:59.0764 4832 sdbus - ok
17:13:59.0811 4832 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:13:59.0827 4832 SDRSVC - ok
17:14:00.0014 4832 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:14:00.0014 4832 secdrv - ok
17:14:00.0123 4832 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
17:14:00.0123 4832 seclogon - ok
17:14:00.0154 4832 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
17:14:00.0154 4832 SENS - ok
17:14:00.0201 4832 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:14:00.0232 4832 Serenum - ok
17:14:00.0295 4832 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:14:00.0310 4832 Serial - ok
17:14:00.0373 4832 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:14:00.0404 4832 sermouse - ok
17:14:00.0513 4832 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:14:00.0513 4832 SessionEnv - ok
17:14:00.0638 4832 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
17:14:00.0685 4832 SFEP - ok
17:14:00.0747 4832 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:14:00.0778 4832 sffdisk - ok
17:14:00.0903 4832 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:14:00.0934 4832 sffp_mmc - ok
17:14:00.0965 4832 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:14:01.0043 4832 sffp_sd - ok
17:14:01.0059 4832 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:14:01.0199 4832 sfloppy - ok
17:14:01.0309 4832 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:14:01.0340 4832 SharedAccess - ok
17:14:01.0496 4832 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:14:01.0511 4832 ShellHWDetection - ok
17:14:01.0558 4832 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:14:01.0621 4832 sisagp - ok
17:14:01.0667 4832 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:14:01.0667 4832 SiSRaid2 - ok
17:14:01.0714 4832 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:14:01.0730 4832 SiSRaid4 - ok
17:14:01.0855 4832 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:14:01.0855 4832 SkypeUpdate - ok
17:14:02.0057 4832 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
17:14:02.0104 4832 slsvc - ok
17:14:02.0151 4832 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:14:02.0167 4832 SLUINotify - ok
17:14:02.0182 4832 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:14:02.0198 4832 Smb - ok
17:14:02.0229 4832 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:14:02.0229 4832 SNMPTRAP - ok
17:14:02.0276 4832 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
17:14:02.0276 4832 SOHCImp - ok
17:14:02.0338 4832 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
17:14:02.0354 4832 SOHDms - ok
17:14:02.0369 4832 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
17:14:02.0369 4832 SOHDs - ok
17:14:02.0401 4832 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
17:14:02.0416 4832 spldr - ok
17:14:02.0479 4832 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
17:14:02.0494 4832 Spooler - ok
17:14:02.0572 4832 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
17:14:02.0650 4832 SPTISRV - ok
17:14:02.0853 4832 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:14:02.0853 4832 srv - ok
17:14:03.0025 4832 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:14:03.0025 4832 srv2 - ok
17:14:03.0227 4832 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:14:03.0227 4832 srvnet - ok
17:14:03.0305 4832 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:14:03.0321 4832 SSDPSRV - ok
17:14:03.0368 4832 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:14:03.0383 4832 SstpSvc - ok
17:14:03.0477 4832 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:14:03.0524 4832 ssudmdm - ok
17:14:03.0649 4832 [ 84F8C797F357D1A53794A12B7CD36AC4 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys
17:14:03.0976 4832 ssudobex - ok
17:14:04.0117 4832 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
17:14:04.0132 4832 stisvc - ok
17:14:04.0663 4832 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
17:14:04.0663 4832 SupportSoft RemoteAssist - ok
17:14:04.0709 4832 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:14:04.0709 4832 swenum - ok
17:14:04.0756 4832 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
17:14:04.0772 4832 swprv - ok
17:14:04.0803 4832 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:14:04.0819 4832 Symc8xx - ok
17:14:04.0865 4832 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:14:04.0881 4832 Sym_hi - ok
17:14:04.0928 4832 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:14:04.0959 4832 Sym_u3 - ok
17:14:05.0006 4832 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
17:14:05.0021 4832 SysMain - ok
17:14:05.0084 4832 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:14:05.0084 4832 TabletInputService - ok
17:14:05.0146 4832 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:14:05.0146 4832 TapiSrv - ok
17:14:05.0209 4832 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
17:14:05.0224 4832 TBS - ok
17:14:05.0411 4832 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:14:05.0427 4832 Tcpip - ok
17:14:05.0567 4832 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:14:05.0583 4832 Tcpip6 - ok
17:14:05.0630 4832 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:14:05.0630 4832 tcpipreg - ok
17:14:05.0661 4832 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:14:05.0661 4832 TDPIPE - ok
17:14:05.0708 4832 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:14:05.0739 4832 TDTCP - ok
17:14:05.0770 4832 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:14:05.0770 4832 tdx - ok
17:14:05.0926 4832 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:14:05.0957 4832 TermDD - ok
17:14:06.0067 4832 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
17:14:06.0067 4832 TermService - ok
17:14:06.0129 4832 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
17:14:06.0129 4832 Themes - ok
17:14:06.0301 4832 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
17:14:06.0301 4832 THREADORDER - ok
17:14:06.0441 4832 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:14:06.0441 4832 TomTomHOMEService - ok
17:14:06.0503 4832 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
17:14:06.0519 4832 TrkWks - ok
17:14:06.0628 4832 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:14:06.0628 4832 TrustedInstaller - ok
17:14:06.0691 4832 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:14:06.0722 4832 tssecsrv - ok
17:14:06.0753 4832 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:14:06.0753 4832 tunmp - ok
17:14:06.0784 4832 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:14:06.0831 4832 tunnel - ok
17:14:06.0878 4832 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:14:06.0925 4832 uagp35 - ok
17:14:07.0003 4832 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
17:14:07.0003 4832 uCamMonitor - ok
17:14:07.0143 4832 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:14:07.0315 4832 udfs - ok
17:14:07.0377 4832 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:14:07.0393 4832 UI0Detect - ok
17:14:07.0408 4832 UIUSys - ok
17:14:07.0455 4832 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:14:07.0471 4832 uliagpkx - ok
17:14:07.0533 4832 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:14:07.0580 4832 uliahci - ok
17:14:07.0627 4832 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:14:07.0658 4832 UlSata - ok
17:14:07.0689 4832 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:14:07.0720 4832 ulsata2 - ok
17:14:07.0767 4832 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:14:07.0767 4832 umbus - ok
17:14:07.0814 4832 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
17:14:07.0829 4832 upnphost - ok
17:14:07.0954 4832 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:14:07.0954 4832 USBAAPL - ok
17:14:08.0063 4832 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:14:08.0079 4832 usbaudio - ok
17:14:08.0126 4832 [ A7CD5B4ADEA26765CAB06BDAB7B07B13 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:14:08.0126 4832 usbccgp - ok
17:14:08.0204 4832 [ 2825E0E294686A26506690059E1F437A ] USBCCID C:\Windows\system32\DRIVERS\usbccid.sys
17:14:08.0282 4832 USBCCID - ok
17:14:08.0329 4832 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:14:08.0329 4832 usbcir - ok
17:14:08.0375 4832 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:14:08.0391 4832 usbehci - ok
17:14:08.0453 4832 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:14:08.0453 4832 usbhub - ok
17:14:08.0485 4832 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:14:08.0500 4832 usbohci - ok
17:14:08.0547 4832 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:14:08.0563 4832 usbprint - ok
17:14:08.0625 4832 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:14:08.0656 4832 usbscan - ok
17:14:08.0719 4832 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:14:08.0719 4832 USBSTOR - ok
17:14:08.0765 4832 [ 40F95A3D6D50D82F947F1D167C2EC39D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:14:08.0765 4832 usbuhci - ok
17:14:08.0812 4832 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:14:08.0812 4832 usbvideo - ok
17:14:08.0843 4832 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
17:14:08.0859 4832 UxSms - ok
17:14:08.0906 4832 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe
17:14:08.0921 4832 VAIO Event Service - ok
17:14:08.0999 4832 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
17:14:09.0031 4832 VAIO Power Management - ok
17:14:09.0140 4832 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
17:14:09.0140 4832 VCFw - ok
17:14:09.0202 4832 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
17:14:09.0218 4832 VcmIAlzMgr - ok
17:14:09.0265 4832 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
17:14:09.0280 4832 VcmXmlIfHelper - ok
17:14:09.0343 4832 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
17:14:09.0343 4832 vds - ok
17:14:09.0389 4832 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:14:09.0405 4832 vga - ok
17:14:09.0452 4832 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
17:14:09.0452 4832 VgaSave - ok
17:14:09.0467 4832 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:14:09.0483 4832 viaagp - ok
17:14:09.0514 4832 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:14:09.0545 4832 ViaC7 - ok
17:14:09.0577 4832 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
17:14:09.0592 4832 viaide - ok
17:14:09.0608 4832 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:14:09.0623 4832 volmgr - ok
17:14:09.0670 4832 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:14:09.0701 4832 volmgrx - ok
17:14:09.0779 4832 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:14:09.0795 4832 volsnap - ok
17:14:09.0842 4832 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:14:09.0857 4832 vsmraid - ok
17:14:09.0967 4832 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
17:14:09.0998 4832 VSS - ok
17:14:10.0247 4832 [ 416F115DC1003BB624D03E019C3D563D ] VUAgent C:\Program Files\sony\VAIO Update\VUAgent.exe
17:14:10.0263 4832 VUAgent - ok
17:14:10.0372 4832 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
17:14:10.0372 4832 W32Time - ok
17:14:10.0419 4832 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:14:10.0497 4832 WacomPen - ok
17:14:10.0544 4832 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:14:10.0544 4832 Wanarp - ok
17:14:10.0559 4832 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:14:10.0559 4832 Wanarpv6 - ok
17:14:10.0622 4832 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:14:10.0637 4832 wcncsvc - ok
17:14:10.0653 4832 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:14:10.0669 4832 WcsPlugInService - ok
17:14:10.0700 4832 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
17:14:10.0715 4832 Wd - ok
17:14:10.0762 4832 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:14:10.0809 4832 Wdf01000 - ok
17:14:10.0856 4832 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:14:10.0871 4832 WdiServiceHost - ok
17:14:10.0887 4832 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:14:10.0887 4832 WdiSystemHost - ok
17:14:11.0199 4832 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
17:14:11.0199 4832 WebClient - ok
17:14:11.0386 4832 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:14:11.0386 4832 Wecsvc - ok
17:14:11.0542 4832 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:14:11.0542 4832 wercplsupport - ok
17:14:11.0620 4832 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
17:14:11.0636 4832 WerSvc - ok
17:14:11.0729 4832 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:14:11.0792 4832 WimFltr - ok
17:14:12.0041 4832 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
17:14:12.0057 4832 winachsf - ok
17:14:12.0509 4832 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:14:12.0525 4832 WinDefend - ok
17:14:12.0525 4832 WinHttpAutoProxySvc - ok
17:14:13.0102 4832 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:14:13.0102 4832 Winmgmt - ok
17:14:13.0601 4832 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
17:14:13.0633 4832 WinRM - ok
17:14:13.0757 4832 [ F03110711B17AD31271CB2BAF0DBB2B1 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
17:14:13.0789 4832 WinUSB - ok
17:14:14.0023 4832 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:14:14.0038 4832 Wlansvc - ok
17:14:14.0771 4832 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:14:14.0787 4832 wlidsvc - ok
17:14:14.0912 4832 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:14:14.0912 4832 WmiAcpi - ok
17:14:15.0099 4832 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:14:15.0161 4832 wmiApSrv - ok
17:14:15.0692 4832 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:14:15.0707 4832 WMPNetworkSvc - ok
17:14:15.0832 4832 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:14:15.0848 4832 WPCSvc - ok
17:14:15.0988 4832 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:14:15.0988 4832 WPDBusEnum - ok
17:14:16.0269 4832 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:14:16.0348 4832 WpdUsb - ok
17:14:16.0722 4832 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:14:16.0738 4832 WPFFontCache_v0400 - ok
17:14:16.0800 4832 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:14:16.0832 4832 ws2ifsl - ok
17:14:16.0910 4832 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll
17:14:16.0925 4832 wscsvc - ok
17:14:16.0925 4832 WSearch - ok
17:14:17.0378 4832 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
17:14:17.0409 4832 wuauserv - ok
17:14:17.0502 4832 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:14:17.0502 4832 WUDFRd - ok
17:14:17.0580 4832 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:14:17.0580 4832 wudfsvc - ok
17:14:17.0658 4832 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
17:14:17.0658 4832 XAudio - ok
17:14:17.0768 4832 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
17:14:17.0768 4832 XAudioService - ok
17:14:17.0970 4832 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
17:14:17.0970 4832 yukonwlh - ok
17:14:18.0017 4832 ================ Scan global ===============================
17:14:18.0111 4832 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:14:18.0282 4832 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
17:14:18.0360 4832 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
17:14:18.0579 4832 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
17:14:18.0594 4832 [Global] - ok
17:14:18.0594 4832 ================ Scan MBR ==================================
17:14:18.0657 4832 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:14:20.0811 4832 \Device\Harddisk0\DR0 - ok
17:14:20.0826 4832 ================ Scan VBR ==================================
17:14:20.0873 4832 [ 1A3AA288306F95FEB2E7805ED918330D ] \Device\Harddisk0\DR0\Partition1
17:14:20.0873 4832 \Device\Harddisk0\DR0\Partition1 - ok
17:14:20.0904 4832 [ B49B14357609F57B5C894195D663F0BF ] \Device\Harddisk0\DR0\Partition2
17:14:20.0951 4832 \Device\Harddisk0\DR0\Partition2 - ok
17:14:20.0951 4832 ============================================================
17:14:20.0951 4832 Scan finished
17:14:20.0951 4832 ============================================================
17:14:20.0967 4756 Detected object count: 0
17:14:20.0967 4756 Actual detected object count: 0
17:20:13.0193 3244 Deinitialize success
-
Sorry voor de late reactie maar het was een heel avontuur om de voorgaande instructies uit te voeren. Deze laptop heeft na iedere muisklik 5 minuten nodig om te reageren. Maar er is al heel wat opgeruimd, hier zijn de logjes:
Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free anti-malware download
Databaseversie: v2013.01.14.09
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Sony :: PC_VAN_SONY [administrator]
14/01/2013 19:40:55
mbam-log-2013-01-14 (19-40-55).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 238266
Verstreken tijd: 22 minuut/minuten, 40 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 9
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 16
C:\Users\Sony\AppData\Local\Temp\~TM47FA.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TM48A6.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TM517C.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TM6C0.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TM7486.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TM94B3.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TMA511.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TMB68.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TMC1D5.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TMECCA.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\~TMF652.tmp (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\Temp1_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\Temp2_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\Temp3_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Local\Temp\Temp4_WAV.MP3.Converter.v3.9.zip\rEdpAtChEr.exe (PUP.Hacktool.Patcher) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Sony\AppData\Roaming\igxpgd32.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:16, on 14/01/2013
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\sony\VAIO Media plus\VMpTtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\sony\Network Utility\LANUtil.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\KiesAirMessage.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\System32\wsqmcons.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized
O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe InitApp
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [VMpTtray.exe] C:\Program Files\sony\VAIO Media plus\VMpTtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Audio Filter.lnk = C:\Program Files\sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - User Startup: Dropbox.lnk = Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - User Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\Users\Sony\DOCUME~1\School\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\sony\VAIO Update\VUAgent.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 16723 bytes
Laptop opschonen
in Archief Bestrijding malware & virussen
Geplaatst:
Ja ik heb 2 geheugenstickjes gekocht. Ik ga er mij komend weekend mee bezighouden.
Bedankt voor de hulp