Everything posted by hendrikd

  1. I had searched online for ways to solve this. Among other things I found here "boot while holding down the Shift key", but that achieved nothing. After booting from the USB stick I was first offered the option to "troubleshoot". I tried this but it did not help. Then I tried the option to reinstall Windows while keeping files etc. That produced a message that this did not work either, after which I simply reinstalled W10. But after the installation it turned out that all documents, pictures, ... had been preserved.
  2. Apparently I had put the wrong USB drive at the top in the BIOS. Now, with the other drive and the USB stick, I was able to reinstall W10. Phew!
  3. Put W10 on a USB stick with the Media Creation Tool and tried to boot from that stick (after adjusting the BIOS), but no result either ...
  4. Laptop with Windows 10 and the Anniversary Update. System Restore enabled. Yesterday evening I wanted to run a System Restore, was busy with other things in the meantime, and when I went back to look, only the mouse pointer was on the screen with a spinning circle that jumped now and then. This morning the laptop had gone into sleep mode by itself, but when I turned it back on, still the same screen. Switched it off, started it up again: the Packard Bell and Windows 10 logos appear, then "Please wait" and then the mouse pointer again ... Tried restarting with the Shift key held down: no result. Does anyone have any idea what else I can try?
  5. Strange ... all day long pages were loading slowly again in Chrome. Just restarted once more (without having changed anything else) and now it seems to go a bit more smoothly. In any case, many thanks for the help!
  6. Wow, talk about waiting patiently! And a pity that, among other things, the Chrome extension I used for a new tab has been removed ... zoek-results.txt
  7. Chrome is noticeably slow today. In the meantime I have run AdwCleaner and Malwarebytes Antimalware. I also found Rsit here and the log is attached. Is there anything else I can "clean up"? Thank you and kind regards. log.txt
  8. When I create directions in the old version of Google Maps, copy the link into e.g. a Word document and then click that link again, just a general map opens. So without the route I created ... Until recently this was not a problem; what could be the cause? (If I simply copy and paste the link into the browser, it does work.)
  9. OK, I have been using CCleaner regularly for years. Many thanks!
  10. # AdwCleaner v3.018 - Report created 01/02/2014 at 10:08:47
  11. Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Hendrik on vr 31/01/2014 at 21:16:35,08.
  12. The problem is apparently solved! Thank you for the quick responses.
  13. Restarted the PC, ran zoek.exe again, and this time it clearly did run further. Log: Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Hendrik on vr 31/01/2014 at 16:39:53,44.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://packardbell.msn.com/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {E653FCC0-8214-4D64-84DE-880B9B40BDC5} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent deleted successfully ==== Empty IE Cache ====================== 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4A17X4RH will be deleted at reboot C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOHAP8XW will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Hendrik\AppData\Local\Mozilla\Firefox\Profiles\bhb1zl6r.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=563 folders=105 39926505 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Hendrik\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot 
====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hendrik\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4A17X4RH" not found "C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOHAP8XW" not found ==== EOF on vr 31/01/2014 at 17:07:59,47 ======================
  14. meanwhile still "running" ... while I can't find zoek.exe in Task Manager under Processes?
  15. Is it normal that zoek.exe has already been working for more than an hour? Create Environment Variables 13:50:14,19 --- Create System Restore Point 13:53:58,47 --- Checking Input 13:55:00,01 --- AU AppData Check 13:57:37,29 --- Remove From Windows Installer 13:59:13,33
  16. Since yesterday evening, suddenly random words on websites that are "clickable". When I move the cursor over them, "Click ..." appears. Installed Malwarebytes Antimalware and let it scan. Removed the "infections" and rebooted. But the problem is not gone. Made a log with HijackThis and RSIT:
Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. 
- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MEDIONmobile. OUC (MEDIONmobile. RunOuc) - Unknown owner - C:\Program Files (x86)\MEDIONmobile\UpdateDog\ouc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: MozyHome back-updienst (mozybackup) - Mozy, Inc. 
- C:\Program Files\MozyHome\mozybackup.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: 
@%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17039 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe 
C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe "C:\Windows\system32\nvvsvc.exe" C:\Windows\system32\svchost.exe -k RPCSS "C:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup "C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "taskhost.exe" "C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe" "C:\Program Files (x86)\Launch Manager\dsiwmis.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe" "C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe" "C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" "C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" "C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service "C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe" "C:\ProgramData\DatacardService\DCSHelper.exe" "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Malwarebytes' 
Anti-Malware\mbamgui.exe" /starttray C:\ProgramData\MEDIONmobile\OnlineUpdate\ouc.exe "C:/Program Files (x86)/MEDIONmobile/UpdateDog/" "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 3764 "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl "C:\Program Files (x86)\BlueStacks\HD-Network.exe" \??\C:\Windows\system32\conhost.exe "355324742-778767920746167446985354385-20486221822040328029-10067773731919205068 "C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe" \??\C:\Windows\system32\conhost.exe "1022152261-618972128-1726236675-912628399-170116341-19786093951456819750851938291 "C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe" \??\C:\Windows\system32\conhost.exe "-181211616039620987701963890-838534694-13136858337592711341825245978-530721815 "C:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "-1881826900-1405464768266816618-313321392-1294415457-1421630388783231299695012407 "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files\Packard Bell\Packard Bell Power 
Management\ePowerTray.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" C:\Windows\system32\igfxext.exe -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\Hendrik\AppData\Roaming\Copy\CopyAgent.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window "C:\Users\Hendrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5712.0.276720601\1091898534" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --disable-accelerated-video-decode --reduce-gpu-sandbox --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 
suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="5712.1.1001401950\723115815" /prefetch:673131151 "C:\Users\Hendrik\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup -nolaunchurl "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Launch Manager\LManager.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe" "C:\Program Files (x86)\Launch Manager\LMworker.exe" "C:\Program Files\Elantech\ETDCtrlHelper.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" 
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/np-rf-plugin.dll" --lang=nl --channel="5712.14.959589733\816331009" /prefetch:-390060480 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibpbofogepkkeoockhkfcgngjkimndlp\0.8.4_0\plugins/npTorqueChrome.dll" --lang=nl --channel="5712.15.923160796\912493201" /prefetch:-390060480 "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files\MozyHome\mozybackup.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files\MozyHome\mozybackup.exe" /wts 5236 680 684 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Users\Hendrik\AppData\Roaming\Torque\Torque.exe "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=8680.1c4b5700.1493327905 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 8680 "\\.\pipe\gecko-crash-server-pipe.8680" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe" --proxy-stub-channel=Flash5524.5B28B990.25676 --host-broker-channel=Flash5524.5B28B990.32235 --host-pid=5524 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" 
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe" --channel=8620.005EF768.1743202188 --proxy-stub-channel=Flash5524.5B28B990.25676 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --host-npapi-version=27 --type=renderer "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "C:\Windows\system32\SnippingTool.exe" /QuitInfo:000000000000099C;00000000000008FC; "C:\Users\Hendrik\Downloads\HijackThis.exe" "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Hendrik\Downloads\hijackthis.log taskeng.exe {EC34D631-A765-428B-AA8A-0D1665DE20EC} "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552 C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\Hendrik\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1191951822-230774151-2282679725-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1191951822-230774151-2282679725-1000UA.job =========Mozilla firefox========= ProfilePath - C:\Users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\bhb1zl6r.default prefs.js - "browser.search.useDBForOrder" - "false" prefs.js - "browser.startup.homepage" - "https://mail.google.com/mail/u/0/?shva=1#inbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.43 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf] "Description"= "Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT 
READER\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl] "Description"=Garmin GPS Control for Firefox "Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.43 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\bhb1zl6r.default\extensions\ de-AT@dictionaries.addons.mozilla.org donottrackplus@abine.com fr-dicollecte@dictionaries.addons.mozilla.org {5384767E-00D9-40E9-B72F-9CC39D655D6F} {941E9C01-F8E0-493E-B814-E693BC99A1A1} {b9db16a4-6edc-47ec-a1f4-b86292ed211d} C:\Users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\bhb1zl6r.default\searchplugins\ duckduckgo.xml ecosia.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-10-21 24536280] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{887cdc33-0de3-4fd5-a5d3-eccd4b4b396c}] PDN64BitBookMarkActivator.BookMark64BitActivator - C:\Windows\system32\mscoree.dll [2010-11-21 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-10-21 18594008] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-03-08 4171464] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA5A2A9E-DF07-4a8e-B423-BC5CD4D1880C}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-10-21 24536280] {735abc4c-9266-4008-9ef6-bc60be8de31f} - Post-it® Digital Notes - C:\Windows\system32\mscoree.dll [2010-11-21 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-10-21 18594008] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608] "Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-01-05 860040] "MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 
2279712] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Copy"=C:\Users\Hendrik\AppData\Roaming\Copy\CopyAgent.exe [2014-01-03 15501456] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608] "RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-10-21 109784] "GoogleChromeAutoLaunch_5AE393E819AF6946586466E0F295AD2F"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-01-23 866584] "Spotify Web Helper"=C:\Users\Hendrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-12-05 1168896] "InternetCalls"=C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe [2013-10-17 19569480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-06-28 263936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] C:\Users\Hendrik\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Hendrik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_5AE393E819AF6946586466E0F295AD2F] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-01-23 866584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
[2013-12-06 20203904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk] C:\PROGRA~1\MozyHome\mozystat.exe [2013-05-21 6438216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stickies.lnk] C:\PROGRA~2\Stickies\stickies.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-12-20 807696] C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Hendrik\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-01-10 390656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] 
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-03-08 4171464] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "vidc.XVID"=xvidvfw.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv ======File 
associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-31 10:50:50 ----D---- C:\rsit 2014-01-31 10:50:50 ----D---- C:\Program Files\trend micro 2014-01-30 23:24:59 ----DC---- C:\Users\Hendrik\AppData\Roaming\Malwarebytes 2014-01-30 23:24:42 ----D---- C:\ProgramData\Malwarebytes 2014-01-30 23:24:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-30 23:24:39 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-01-15 19:37:42 ----A---- C:\Windows\SYSWOW64\javaws.exe 2014-01-15 19:37:37 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2014-01-15 19:37:37 ----A---- C:\Windows\SYSWOW64\javaw.exe 2014-01-15 19:37:37 ----A---- C:\Windows\SYSWOW64\java.exe 2014-01-15 10:26:47 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-01-15 10:26:47 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-01-15 10:26:47 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-01-15 10:26:46 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys 2014-01-15 10:26:46 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys 2014-01-15 10:26:46 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys 2014-01-15 10:26:44 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll 2014-01-15 10:26:44 ----A---- C:\Windows\SYSWOW64\tsgqec.dll 2014-01-15 10:26:44 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll 2014-01-15 10:26:44 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2014-01-15 10:26:44 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll 2014-01-15 10:26:44 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2014-01-15 10:26:44 ----A---- C:\Windows\system32\wksprtPS.dll 2014-01-15 10:26:44 ----A---- C:\Windows\system32\wksprt.exe 2014-01-15 10:26:44 ----A---- C:\Windows\system32\TSWbPrxy.exe 2014-01-15 10:26:44 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-01-15 10:26:44 ----A---- 
C:\Windows\system32\tsgqec.dll 2014-01-15 10:26:44 ----A---- C:\Windows\system32\rdpudd.dll 2014-01-15 10:26:44 ----A---- C:\Windows\system32\rdpendp_winip.dll 2014-01-15 10:26:44 ----A---- C:\Windows\system32\MsRdpWebAccess.dll 2014-01-15 10:26:44 ----A---- C:\Windows\system32\aaclient.dll 2014-01-15 10:26:43 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-01-15 10:26:43 ----A---- C:\Windows\system32\rdpcorets.dll 2014-01-15 10:26:43 ----A---- C:\Windows\system32\mstsc.exe 2014-01-15 10:26:42 ----A---- C:\Windows\system32\mstscax.dll 2014-01-15 10:22:16 ----A---- C:\Windows\system32\win32k.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-15 10:22:16 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-15 10:22:15 ----A---- C:\Windows\system32\drivers\netio.sys 2014-01-13 17:55:36 ----D---- C:\Program Files (x86)\BlueStacks 2014-01-02 18:12:14 ----DC---- C:\Users\Hendrik\AppData\Roaming\InternetCalls 2014-01-02 18:12:05 ----D---- C:\Program Files (x86)\InternetCalls.com ======List of files/folders modified in the last 1 month====== 2014-01-31 10:50:50 ----RD---- C:\Program Files 2014-01-31 10:50:36 ----DC---- C:\Users\Hendrik\AppData\Roaming\Torque 2014-01-31 10:48:49 ----D---- C:\Windows\system32\config 2014-01-31 10:39:48 ----DC---- C:\Users\Hendrik\AppData\Roaming\BitTorrent 2014-01-31 10:38:20 ----D---- C:\Windows\Temp 2014-01-31 10:37:12 ----DC---- C:\Users\Hendrik\AppData\Roaming\Dropbox 2014-01-31 10:36:46 ----DC---- C:\Users\Hendrik\AppData\Roaming\Skype 2014-01-31 10:36:14 ----DC---- C:\Users\Hendrik\AppData\Roaming\Copy 2014-01-31 10:34:47 ----A---- C:\Windows\SYSWOW64\log.txt 
2014-01-31 10:32:57 ----AD---- C:\ProgramData\Temp 2014-01-30 23:24:42 ----HD---- C:\ProgramData 2014-01-30 23:24:39 ----D---- C:\Windows\system32\drivers 2014-01-30 23:24:39 ----D---- C:\Program Files (x86) 2014-01-30 23:24:32 ----D---- C:\Windows\Prefetch 2014-01-30 16:51:41 ----SHD---- C:\System Volume Information 2014-01-29 11:17:11 ----A---- C:\Windows\BRWMARK.INI 2014-01-29 09:21:40 ----D---- C:\Config.Msi 2014-01-28 22:23:15 ----DC---- C:\Users\Hendrik\AppData\Roaming\Spotify 2014-01-28 15:36:25 ----D---- C:\Windows\System32 2014-01-28 15:36:25 ----D---- C:\Windows\inf 2014-01-28 15:36:25 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-26 23:23:30 ----D---- C:\Windows\SysWOW64 2014-01-26 15:03:44 ----DC---- C:\Users\Hendrik\AppData\Roaming\Tyre 2014-01-25 09:01:35 ----SHD---- C:\Windows\Installer 2014-01-25 09:01:33 ----DC---- C:\Users\Hendrik\AppData\Roaming\Mozilla 2014-01-22 16:33:42 ----D---- C:\Windows\system32\catroot2 2014-01-22 16:30:31 ----D---- C:\Program Files (x86)\Calibre2 2014-01-21 14:36:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-01-21 14:32:59 ----A---- C:\Windows\wininit.ini 2014-01-19 08:33:29 ----N---- C:\Windows\system32\MpSigStub.exe 2014-01-15 19:38:10 ----D---- C:\ProgramData\Oracle 2014-01-15 19:37:36 ----D---- C:\Program Files (x86)\Java 2014-01-15 13:30:19 ----D---- C:\Windows\rescache 2014-01-15 10:53:55 ----D---- C:\Windows\winsxs 2014-01-15 10:51:56 ----D---- C:\Windows\SYSWOW64\wbem 2014-01-15 10:51:56 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-01-15 10:51:56 ----D---- C:\Windows\system32\wbem 2014-01-15 10:51:56 ----D---- C:\Windows\system32\nl-NL 2014-01-15 10:51:56 ----D---- C:\Windows\system32\drivers\nl-NL 2014-01-15 10:51:56 ----D---- C:\Windows\PolicyDefinitions 2014-01-15 10:51:55 ----D---- C:\Windows\system32\DriverStore 2014-01-15 10:27:02 ----D---- C:\Windows\system32\catroot 2014-01-15 10:26:13 ----D---- C:\Windows\system32\MRT 2014-01-15 10:23:11 ----D---- C:\Windows\debug 2014-01-15 10:22:58 
----A---- C:\Windows\system32\MRT.exe 2014-01-13 18:45:35 ----D---- C:\Windows\Microsoft.NET 2014-01-13 18:26:45 ----D---- C:\ProgramData\BlueStacksSetup 2014-01-13 18:25:08 ----RSD---- C:\Windows\assembly 2014-01-13 17:55:52 ----D---- C:\ProgramData\BlueStacks 2014-01-13 17:47:59 ----D---- C:\Windows 2014-01-13 17:33:48 ----D---- C:\Windows\Logs 2014-01-13 17:24:16 ----D---- C:\Program Files\CCleaner 2014-01-13 17:12:00 ----D---- C:\Program Files (x86)\Adobe 2014-01-13 17:10:40 ----DC---- C:\Users\Hendrik\AppData\Roaming\WildTangent 2014-01-13 17:10:40 ----D---- C:\ProgramData\WildTangent 2014-01-13 17:07:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-01-08 19:26:22 ----D---- C:\Windows\system32\Tasks 2014-01-08 19:26:19 ----D---- C:\Program Files (x86)\WizMouse 2014-01-01 21:56:43 ----D---- C:\Program Files (x86)\Garmin ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 32544] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-11-02 44744] R1 mozyFilter;mozyFilter; C:\Windows\system32\DRIVERS\mozy.sys [2013-05-02 67808] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-12-20 114448] R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2013-11-23 17416] R2 NisDrv;Microsoft Network Inspection System; 
C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344] R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-05-08 90112] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200] R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-09-17 42184] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2013-06-24 44672] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 
BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-05-08 117248] S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys [2013-05-08 450048] S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-05-08 225920] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712] S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187.sys [2010-01-07 448512] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408] R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-12-20 402192] R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-12-20 385808] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104] R2 ePowerSvc;Acer ePower Service; 
  17. She has since been able to check a few things and the problem has apparently been solved. (She had also never clicked on anything.) Thank you for the help!!!
  18. The site on which she showed me what was going on: Julie in Benin. A few words were in a different colour and clickable. When you hovered the cursor over them, a small Safesaver window appeared. In addition, a new blank Chrome window also appeared when she was simply working in Gmail.
  19. Done. (And on a site where she definitely got such popups this afternoon, they now appear to have disappeared. She is not at home right now to have her check further ...). In any case, thanks already. zoek-results.txt
  20. Hello, my daughter keeps getting annoying Safesaver popups in Chrome on her laptop. I can't find it among the extensions, nor under Control Panel, Uninstall a program. What has already been run: Malwarebytes, Adwcleaner, HitmanPro, Combofix. And it is still not gone ... The ComboFix log:
HijackThis log:
Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [54FEEA040D6D119BBDE1AE7EA3C74FCEF45A89C2._service_run] "C:\Users\marieke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service O4 - Startup: Dropbox.lnk = marieke\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\marieke\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... 
- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - 
C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: Skype C2C Service - Skype Technologies S.A. 
- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. 
- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13982 bytes
  21. Reinstalled Windows 7 and Skype no longer gives any problems. Thanks again!
  22. "no threats" ...
20:47:56.0419 6040 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:47:56.0421 6040 IpFilterDriver - ok 20:47:56.0455 6040 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:47:56.0462 6040 iphlpsvc - ok 20:47:56.0468 6040 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:47:56.0470 6040 IPMIDRV - ok 20:47:56.0477 6040 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:47:56.0479 6040 IPNAT - ok 20:47:56.0491 6040 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:47:56.0492 6040 IRENUM - ok 20:47:56.0498 6040 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:47:56.0501 6040 isapnp - ok 20:47:56.0524 6040 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:47:56.0528 6040 iScsiPrt - ok 20:47:56.0563 6040 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 20:47:56.0565 6040 k57nd60a - ok 20:47:56.0580 6040 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 20:47:56.0580 6040 kbdclass - ok 20:47:56.0595 6040 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 20:47:56.0596 6040 kbdhid - ok 20:47:56.0602 6040 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 20:47:56.0604 6040 KeyIso - ok 20:47:56.0635 6040 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:47:56.0637 6040 KSecDD - ok 20:47:56.0673 6040 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:47:56.0675 6040 KSecPkg - ok 20:47:56.0685 6040 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:47:56.0686 6040 ksthunk - ok 20:47:56.0720 6040 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 
20:47:56.0726 6040 KtmRm - ok 20:47:56.0760 6040 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 20:47:56.0764 6040 LanmanServer - ok 20:47:56.0804 6040 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:47:56.0807 6040 LanmanWorkstation - ok 20:47:56.0864 6040 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 20:47:56.0867 6040 Live Updater Service - ok 20:47:56.0905 6040 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:47:56.0907 6040 lltdio - ok 20:47:56.0949 6040 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:47:56.0956 6040 lltdsvc - ok 20:47:56.0971 6040 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:47:56.0974 6040 lmhosts - ok 20:47:57.0011 6040 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 20:47:57.0013 6040 LMS - ok 20:47:57.0036 6040 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 20:47:57.0039 6040 LSI_FC - ok 20:47:57.0046 6040 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:47:57.0049 6040 LSI_SAS - ok 20:47:57.0057 6040 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 20:47:57.0059 6040 LSI_SAS2 - ok 20:47:57.0065 6040 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:47:57.0067 6040 LSI_SCSI - ok 20:47:57.0084 6040 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 20:47:57.0086 6040 luafv - ok 20:47:57.0117 6040 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys 20:47:57.0119 6040 MarvinBus - ok 20:47:57.0143 6040 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:47:57.0147 6040 
Mcx2Svc - ok 20:47:57.0218 6040 [ 625C98D60AD5AB1FCCBD0E2C0AC0D905 ] MEDIONmobile. RunOuc C:\Program Files (x86)\MEDIONmobile\UpdateDog\ouc.exe 20:47:57.0224 6040 MEDIONmobile. RunOuc - ok 20:47:57.0232 6040 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 20:47:57.0234 6040 megasas - ok 20:47:57.0243 6040 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 20:47:57.0247 6040 MegaSR - ok 20:47:57.0331 6040 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 20:47:57.0333 6040 Microsoft Office Groove Audit Service - ok 20:47:57.0370 6040 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 20:47:57.0373 6040 MMCSS - ok 20:47:57.0396 6040 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 20:47:57.0398 6040 Modem - ok 20:47:57.0417 6040 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:47:57.0418 6040 monitor - ok 20:47:57.0436 6040 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:47:57.0437 6040 mouclass - ok 20:47:57.0451 6040 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:47:57.0452 6040 mouhid - ok 20:47:57.0472 6040 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:47:57.0474 6040 mountmgr - ok 20:47:57.0519 6040 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:47:57.0520 6040 MozillaMaintenance - ok 20:47:57.0555 6040 [ 19B2629C3F8E02B2E823738FF0AB1BFD ] mozybackup C:\Program Files\MozyHome\mozybackup.exe 20:47:57.0556 6040 mozybackup - ok 20:47:57.0574 6040 [ A5C8838B68EDDD5C738308B3A50CB350 ] mozyFilter C:\Windows\system32\DRIVERS\mozy.sys 20:47:57.0575 6040 mozyFilter - ok 20:47:57.0610 6040 [ 
F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 20:47:57.0612 6040 MpFilter - ok 20:47:57.0636 6040 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 20:47:57.0639 6040 mpio - ok 20:47:57.0655 6040 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:47:57.0657 6040 mpsdrv - ok 20:47:57.0693 6040 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:47:57.0707 6040 MpsSvc - ok 20:47:57.0716 6040 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:47:57.0719 6040 MRxDAV - ok 20:47:57.0758 6040 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:47:57.0760 6040 mrxsmb - ok 20:47:57.0780 6040 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:47:57.0784 6040 mrxsmb10 - ok 20:47:57.0800 6040 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:47:57.0802 6040 mrxsmb20 - ok 20:47:57.0808 6040 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 20:47:57.0810 6040 msahci - ok 20:47:57.0827 6040 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:47:57.0830 6040 msdsm - ok 20:47:57.0846 6040 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 20:47:57.0849 6040 MSDTC - ok 20:47:57.0875 6040 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:47:57.0876 6040 Msfs - ok 20:47:57.0891 6040 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:47:57.0893 6040 mshidkmdf - ok 20:47:57.0911 6040 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:47:57.0912 6040 msisadrv - ok 20:47:57.0950 6040 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:47:57.0953 6040 MSiSCSI - ok 20:47:57.0959 6040 msiserver - 
ok 20:47:57.0965 6040 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:47:57.0967 6040 MSKSSRV - ok 20:47:58.0029 6040 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 20:47:58.0030 6040 MsMpSvc - ok 20:47:58.0052 6040 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:47:58.0054 6040 MSPCLOCK - ok 20:47:58.0077 6040 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:47:58.0079 6040 MSPQM - ok 20:47:58.0114 6040 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:47:58.0119 6040 MsRPC - ok 20:47:58.0145 6040 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:47:58.0145 6040 mssmbios - ok 20:47:58.0160 6040 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:47:58.0161 6040 MSTEE - ok 20:47:58.0176 6040 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 20:47:58.0178 6040 MTConfig - ok 20:47:58.0192 6040 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 20:47:58.0193 6040 Mup - ok 20:47:58.0230 6040 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 20:47:58.0237 6040 napagent - ok 20:47:58.0264 6040 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:47:58.0268 6040 NativeWifiP - ok 20:47:58.0325 6040 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 20:47:58.0329 6040 NAUpdate - ok 20:47:58.0394 6040 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:47:58.0409 6040 NDIS - ok 20:47:58.0436 6040 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:47:58.0438 6040 NdisCap - ok 20:47:58.0454 6040 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi 
C:\Windows\system32\DRIVERS\ndistapi.sys 20:47:58.0455 6040 NdisTapi - ok 20:47:58.0475 6040 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:47:58.0478 6040 Ndisuio - ok 20:47:58.0497 6040 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:47:58.0500 6040 NdisWan - ok 20:47:58.0522 6040 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:47:58.0524 6040 NDProxy - ok 20:47:58.0547 6040 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:47:58.0548 6040 NetBIOS - ok 20:47:58.0574 6040 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:47:58.0578 6040 NetBT - ok 20:47:58.0595 6040 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 20:47:58.0597 6040 Netlogon - ok 20:47:58.0641 6040 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 20:47:58.0647 6040 Netman - ok 20:47:58.0676 6040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 20:47:58.0684 6040 netprofm - ok 20:47:58.0712 6040 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:47:58.0715 6040 NetTcpPortSharing - ok 20:47:58.0739 6040 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:47:58.0741 6040 nfrd960 - ok 20:47:58.0776 6040 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 20:47:58.0778 6040 NisDrv - ok 20:47:58.0811 6040 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 20:47:58.0814 6040 NisSrv - ok 20:47:58.0874 6040 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:47:58.0879 6040 NlaSvc - ok 20:47:58.0915 6040 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys 20:47:58.0916 6040 
NPF - ok 20:47:58.0932 6040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:47:58.0933 6040 Npfs - ok 20:47:58.0968 6040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 20:47:58.0971 6040 nsi - ok 20:47:59.0005 6040 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:47:59.0006 6040 nsiproxy - ok 20:47:59.0065 6040 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:47:59.0077 6040 Ntfs - ok 20:47:59.0125 6040 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe 20:47:59.0127 6040 NTI IScheduleSvc - ok 20:47:59.0142 6040 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 20:47:59.0142 6040 NTIDrvr - ok 20:47:59.0160 6040 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 20:47:59.0161 6040 Null - ok 20:47:59.0373 6040 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:47:59.0428 6040 nvlddmkm - ok 20:47:59.0447 6040 [ 6D785C898F9D70905A90655F4D0D0AFB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 20:47:59.0447 6040 nvpciflt - ok 20:47:59.0480 6040 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:47:59.0484 6040 nvraid - ok 20:47:59.0506 6040 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:47:59.0509 6040 nvstor - ok 20:47:59.0554 6040 [ A83AC04D672567CAF8BE7A4D73C0B850 ] nvsvc C:\Windows\system32\nvvsvc.exe 20:47:59.0560 6040 nvsvc - ok 20:47:59.0632 6040 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 20:47:59.0639 6040 nvUpdatusService - ok 20:47:59.0693 6040 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:47:59.0695 6040 nv_agp - ok 20:47:59.0788 6040 [ 
785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:47:59.0791 6040 odserv - ok 20:47:59.0800 6040 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:47:59.0802 6040 ohci1394 - ok 20:47:59.0835 6040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:47:59.0836 6040 ose - ok 20:47:59.0871 6040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:47:59.0876 6040 p2pimsvc - ok 20:47:59.0897 6040 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 20:47:59.0903 6040 p2psvc - ok 20:47:59.0918 6040 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 20:47:59.0920 6040 Parport - ok 20:47:59.0959 6040 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:47:59.0961 6040 partmgr - ok 20:47:59.0983 6040 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:47:59.0988 6040 PcaSvc - ok 20:48:00.0013 6040 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 20:48:00.0015 6040 pci - ok 20:48:00.0041 6040 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 20:48:00.0043 6040 pciide - ok 20:48:00.0170 6040 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\Windows\SysWOW64\drivers\pclepci.sys 20:48:00.0170 6040 PCLEPCI - ok 20:48:00.0184 6040 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 20:48:00.0188 6040 pcmcia - ok 20:48:00.0207 6040 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 20:48:00.0208 6040 pcw - ok 20:48:00.0242 6040 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:48:00.0254 6040 PEAUTH - ok 20:48:00.0284 6040 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:48:00.0286 6040 
PerfHost - ok 20:48:00.0339 6040 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 20:48:00.0374 6040 pla - ok 20:48:00.0429 6040 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:48:00.0435 6040 PlugPlay - ok 20:48:00.0453 6040 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:48:00.0456 6040 PNRPAutoReg - ok 20:48:00.0482 6040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:48:00.0485 6040 PNRPsvc - ok 20:48:00.0523 6040 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:48:00.0530 6040 PolicyAgent - ok 20:48:00.0563 6040 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 20:48:00.0567 6040 Power - ok 20:48:00.0591 6040 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:48:00.0593 6040 PptpMiniport - ok 20:48:00.0615 6040 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 20:48:00.0617 6040 Processor - ok 20:48:00.0662 6040 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 20:48:00.0669 6040 ProfSvc - ok 20:48:00.0694 6040 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:48:00.0696 6040 ProtectedStorage - ok 20:48:00.0715 6040 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:48:00.0718 6040 Psched - ok 20:48:00.0747 6040 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 20:48:00.0748 6040 PxHlpa64 - ok 20:48:00.0795 6040 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:48:00.0827 6040 ql2300 - ok 20:48:00.0852 6040 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:48:00.0854 6040 ql40xx - ok 20:48:00.0882 6040 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 20:48:00.0887 6040 QWAVE - 
ok 20:48:00.0907 6040 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:48:00.0908 6040 QWAVEdrv - ok 20:48:00.0917 6040 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:48:00.0919 6040 RasAcd - ok 20:48:00.0948 6040 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:48:00.0949 6040 RasAgileVpn - ok 20:48:00.0962 6040 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 20:48:00.0966 6040 RasAuto - ok 20:48:00.0982 6040 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:48:00.0984 6040 Rasl2tp - ok 20:48:01.0008 6040 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 20:48:01.0013 6040 RasMan - ok 20:48:01.0027 6040 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:48:01.0029 6040 RasPppoe - ok 20:48:01.0050 6040 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:48:01.0052 6040 RasSstp - ok 20:48:01.0073 6040 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:48:01.0077 6040 rdbss - ok 20:48:01.0096 6040 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 20:48:01.0097 6040 rdpbus - ok 20:48:01.0117 6040 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:48:01.0118 6040 RDPCDD - ok 20:48:01.0131 6040 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:48:01.0131 6040 RDPENCDD - ok 20:48:01.0146 6040 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:48:01.0147 6040 RDPREFMP - ok 20:48:01.0177 6040 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:48:01.0178 6040 RdpVideoMiniport - ok 20:48:01.0218 6040 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD 
C:\Windows\system32\drivers\RDPWD.sys 20:48:01.0221 6040 RDPWD - ok 20:48:01.0245 6040 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:48:01.0248 6040 rdyboost - ok 20:48:01.0292 6040 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:48:01.0297 6040 RemoteAccess - ok 20:48:01.0336 6040 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:48:01.0341 6040 RemoteRegistry - ok 20:48:01.0378 6040 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 20:48:01.0382 6040 RFCOMM - ok 20:48:01.0431 6040 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe 20:48:01.0432 6040 rpcapd - ok 20:48:01.0449 6040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:48:01.0453 6040 RpcEptMapper - ok 20:48:01.0496 6040 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 20:48:01.0498 6040 RpcLocator - ok 20:48:01.0529 6040 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 20:48:01.0533 6040 RpcSs - ok 20:48:01.0563 6040 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:48:01.0565 6040 rspndr - ok 20:48:01.0615 6040 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 20:48:01.0617 6040 RSUSBSTOR - ok 20:48:01.0659 6040 [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187 C:\Windows\system32\DRIVERS\rtl8187.sys 20:48:01.0662 6040 RTL8187 - ok 20:48:01.0683 6040 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 20:48:01.0685 6040 SamSs - ok 20:48:01.0708 6040 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:48:01.0710 6040 sbp2port - ok 20:48:01.0718 6040 SBRE - ok 20:48:01.0747 6040 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:48:01.0751 6040 SCardSvr - ok 20:48:01.0774 6040 
[ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:48:01.0775 6040 scfilter - ok 20:48:01.0813 6040 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 20:48:01.0832 6040 Schedule - ok 20:48:01.0857 6040 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 20:48:01.0858 6040 SCPolicySvc - ok 20:48:01.0873 6040 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:48:01.0877 6040 SDRSVC - ok 20:48:01.0895 6040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:48:01.0896 6040 secdrv - ok 20:48:01.0917 6040 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 20:48:01.0919 6040 seclogon - ok 20:48:01.0942 6040 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 20:48:01.0945 6040 SENS - ok 20:48:01.0965 6040 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:48:01.0968 6040 SensrSvc - ok 20:48:01.0982 6040 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:48:01.0984 6040 Serenum - ok 20:48:02.0013 6040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 20:48:02.0016 6040 Serial - ok 20:48:02.0024 6040 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:48:02.0025 6040 sermouse - ok 20:48:02.0064 6040 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 20:48:02.0067 6040 SessionEnv - ok 20:48:02.0074 6040 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:48:02.0076 6040 sffdisk - ok 20:48:02.0085 6040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:48:02.0086 6040 sffp_mmc - ok 20:48:02.0094 6040 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:48:02.0095 6040 sffp_sd - ok 20:48:02.0103 6040 
[ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:48:02.0104 6040 sfloppy - ok 20:48:02.0151 6040 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:48:02.0156 6040 SharedAccess - ok 20:48:02.0194 6040 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:48:02.0200 6040 ShellHWDetection - ok 20:48:02.0210 6040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:48:02.0211 6040 SiSRaid2 - ok 20:48:02.0222 6040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:48:02.0225 6040 SiSRaid4 - ok 20:48:02.0259 6040 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys 20:48:02.0259 6040 SmartDefragDriver - ok 20:48:02.0306 6040 [ 7442BCA60ED46CC31C2F39728BBDD9AD ] SMA_USBBUS C:\Windows\system32\drivers\ftdibus.sys 20:48:02.0307 6040 SMA_USBBUS - ok 20:48:02.0325 6040 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:48:02.0328 6040 Smb - ok 20:48:02.0364 6040 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:48:02.0367 6040 SNMPTRAP - ok 20:48:02.0383 6040 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 20:48:02.0384 6040 spldr - ok 20:48:02.0438 6040 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 20:48:02.0451 6040 Spooler - ok 20:48:02.0538 6040 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 20:48:02.0603 6040 sppsvc - ok 20:48:02.0625 6040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:48:02.0628 6040 sppuinotify - ok 20:48:02.0668 6040 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 20:48:02.0673 6040 srv - ok 20:48:02.0702 6040 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 
20:48:07.0583 6040 Scan finished
20:48:07.0594 6992 Detected object count: 0
20:48:07.0594 6992 Actual detected object count: 0
  23. I had read something about a W7 update that had caused problems here and there. Yesterday a new version of that update came out, so I applied only that. At the start of the week I actually already had the recovery CDs lying ready, intending to reinstall W7 completely, when it occurred to me to ask the question here first. It will probably be something for Monday; starting tomorrow, first a weekend away. Thanks again! I'll let you know.