cawa Geplaatst: 19 december 2013 Delen Geplaatst: 19 december 2013 Hallo, Een kameraad vroeg me zijn pc eens na te kijken en ik liet malwarebytes scannen en ook eset nod32. Deze vonden heel wat troep maar in zijn webbrowser zijn er bij bepaalde websites nog rare dingen waarbij bepaalde worden onderlijnt en al je er met u cursor naar toegaat komt er wat reclame voor programma's. Vandaar dat ik eens een logje plaats om dit een nat te kijken. ik post meteen ook het malwarebyteslogje erbij. Alvast bedankt voor de hulp! - - - Updated - - - RSIT logje: Logfile of random's system information tool 1.09 (written by random/random) Run by shiara en niels at 2013-12-19 15:30:08 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 401 GB (87%) free of 459 GB Total RAM: 6104 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:30:14, on 19-12-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\shiara en niels.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YouTubeAcceleratorService - GOOBZO - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -- End of file - 13147 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\system32\atiesrxx.exe winlogon.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\Windows\System32\GFNEXSrv.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork atieclxx "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" "C:\windows\system32\Dwm.exe" "taskhost.exe" C:\windows\Explorer.EXE C:\windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" C:\windows\system32\TODDSrv.exe "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm WLIDSvcM.exe 1640 C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe" "C:\Program Files\TOSHIBA\TECO\TecoService.exe" C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding C:\windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe" "C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log "C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" C:\windows\System32\svchost.exe -k secsvcs "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6584.0.2023029172\127291124" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x1002 --gpu-device-id=0x6840 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.932.5.3000 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --enable-experimental-extension-apis --channel="6584.4.392784580\1690993719" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --enable-experimental-extension-apis --channel="6584.27.526054927\1705471764" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --enable-experimental-extension-apis --channel="6584.28.701989382\202119016" /prefetch:673131151 taskeng.exe {A73E36EB-B5E7-4360-8F95-4473650ACF64} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --enable-experimental-extension-apis --channel="6584.37.881657832\1119814316" /prefetch:673131151 "c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe" --IPCport 5939 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6584.39.694746488\1610750040" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --enable-experimental-extension-apis --channel="6584.40.2004456430\1552240117" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="6584.41.1926091748\1306539778" --lang=nl /prefetch:845217598 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --enable-experimental-extension-apis --channel="6584.43.244273074\2137102170" /prefetch:673131151 C:\windows\system32\msiexec.exe /V "C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe" C:\windows\system32\wbem\wmiprvse.exe "C:\windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\Trend Micro\HiJackThis\hijackthis.log "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --enable-experimental-extension-apis --channel="6584.44.1537481482\1271374427" /prefetch:673131151 "C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544 "C:\Users\shiara en niels\Downloads\RSITx64.exe" C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job =========Mozilla firefox========= ProfilePath - C:\Users\shiara en niels\AppData\Roaming\Mozilla\Firefox\Profiles\23mef4dn.default [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0] "Description"=Exent® AOD Gecko Plugin "Path"=C:\Program Files (x86)\FantastiGames\npExentCtl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] "Description"=This plugin updates Intel WebAPI component "Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM] "Description"= "Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App V2 Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\www.exent.com/GameTreatWidget] "Description"= "Path"=C:\Program Files (x86)\FantastiGames\NPGameTreatPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\plugins\ npMeetingJoinPluginOC.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ amazondotcom.xml bing.xml eBay.xml google.xml twitter.xml wikipedia.xml yahoo.xml C:\Users\shiara en niels\AppData\Roaming\Mozilla\Firefox\Profiles\23mef4dn.default\extensions\ 4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com 9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com staged ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-17 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-17 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-17 256080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-17 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""= [] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19876968] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-05-10 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-12-19 15:30:08 ----D---- C:\rsit 2013-12-19 15:30:08 ----D---- C:\Program Files\trend micro 2013-12-19 15:23:30 ----D---- C:\Program Files (x86)\Trend Micro 2013-12-17 20:29:02 ----A---- C:\DelFix.txt 2013-12-16 22:52:47 ----D---- C:\Program Files\Microsoft.NET 2013-12-16 22:33:05 ----D---- C:\Users\shiara en niels\AppData\Roaming\WinRAR 2013-12-16 22:32:28 ----D---- C:\Program Files\WinRAR 2013-12-16 22:21:00 ----D---- C:\Users\shiara en niels\AppData\Roaming\ESET 2013-12-16 22:20:01 ----D---- C:\ProgramData\ESET 2013-12-16 22:20:00 ----D---- C:\Program Files\ESET 2013-12-16 22:18:26 ----D---- C:\Program Files\KMSpico 2013-12-16 21:59:13 ----D---- C:\Program Files\Common Files\DESIGNER 2013-12-16 21:58:36 ----D---- C:\Program Files (x86)\Microsoft SQL Server 2013-12-16 21:58:11 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2013-12-16 21:57:48 ----D---- C:\windows\PCHEALTH 2013-12-16 21:57:48 ----D---- C:\Program Files\Microsoft SQL Server 2013-12-16 21:55:33 ----D---- C:\Program Files\Microsoft Analysis Services 2013-12-16 21:55:33 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2013-12-16 21:55:19 ----D---- C:\Program Files (x86)\Microsoft Office 2013-12-16 21:55:13 ----D---- C:\Program Files\Microsoft Office 2013-12-16 18:47:42 ----A---- C:\windows\system32\javaws.exe 2013-12-16 18:47:38 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll 2013-12-16 18:47:38 ----A---- C:\windows\system32\javaw.exe 2013-12-16 18:47:38 ----A---- C:\windows\system32\java.exe 2013-12-16 18:47:31 ----D---- C:\Program Files\Java 2013-12-16 18:46:31 ----D---- C:\ProgramData\Oracle 2013-12-16 18:46:29 ----A---- C:\windows\SYSWOW64\javaws.exe 2013-12-16 18:46:24 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-12-16 18:46:24 ----A---- C:\windows\SYSWOW64\javaw.exe 2013-12-16 18:46:24 ----A---- C:\windows\SYSWOW64\java.exe 2013-12-16 18:46:18 ----D---- C:\Program Files (x86)\Java 2013-12-16 18:34:35 ----D---- C:\ProgramData\VS Revo Group 2013-12-16 18:34:35 ----A---- C:\windows\system32\drivers\revoflt.sys 2013-12-16 18:22:54 ----D---- C:\windows\Migration 2013-12-16 18:21:26 ----A---- C:\windows\system32\ieui.dll 2013-12-16 18:21:26 ----A---- C:\windows\system32\ieetwcollectorres.dll 2013-12-16 18:21:25 ----A---- C:\windows\SYSWOW64\jsproxy.dll 2013-12-16 18:21:25 ----A---- C:\windows\SYSWOW64\ieui.dll 2013-12-16 18:21:25 ----A---- C:\windows\system32\jsproxy.dll 2013-12-16 18:21:25 ----A---- C:\windows\system32\ieUnatt.exe 2013-12-16 18:21:25 ----A---- C:\windows\system32\iesetup.dll 2013-12-16 18:21:25 ----A---- C:\windows\system32\iernonce.dll 2013-12-16 18:21:25 ----A---- C:\windows\system32\ieetwproxystub.dll 2013-12-16 18:21:25 ----A---- C:\windows\system32\ieetwcollector.exe 2013-12-16 18:21:25 ----A---- C:\windows\system32\ie4uinit.exe 2013-12-16 18:21:24 ----A---- C:\windows\SYSWOW64\jscript9diag.dll 2013-12-16 18:21:24 ----A---- C:\windows\system32\mshtml.dll 2013-12-16 18:21:24 ----A---- C:\windows\system32\jscript9diag.dll 2013-12-16 18:21:24 ----A---- C:\windows\system32\ieapfltr.dll 2013-12-16 18:21:23 ----A---- C:\windows\SYSWOW64\wininet.dll 2013-12-16 18:21:23 ----A---- C:\windows\SYSWOW64\iertutil.dll 2013-12-16 18:21:23 ----A---- C:\windows\SYSWOW64\ieapfltr.dll 2013-12-16 18:21:23 ----A---- C:\windows\system32\wininet.dll 2013-12-16 18:21:23 ----A---- C:\windows\system32\iertutil.dll 2013-12-16 18:21:22 ----A---- C:\windows\SYSWOW64\urlmon.dll 2013-12-16 18:21:22 ----A---- C:\windows\system32\urlmon.dll 2013-12-16 18:21:21 ----A---- C:\windows\SYSWOW64\ieframe.dll 2013-12-16 18:21:21 ----A---- C:\windows\system32\ieframe.dll 2013-12-16 18:21:20 ----A---- C:\windows\SYSWOW64\mshtml.dll 2013-12-16 18:21:20 ----A---- C:\windows\SYSWOW64\jscript9.dll 2013-12-16 18:21:19 ----A---- C:\windows\system32\jscript9.dll 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbuhci.sys 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbport.sys 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbohci.sys 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbhub.sys 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbehci.sys 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbd.sys 2013-12-16 18:20:54 ----A---- C:\windows\system32\drivers\usbccgp.sys 2013-12-16 18:16:01 ----A---- C:\windows\system32\sdnclean64.exe 2013-12-16 18:16:00 ----D---- C:\ProgramData\Spybot - Search & Destroy 2013-12-16 18:15:57 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-12-16 17:54:17 ----D---- C:\Program Files\office.tmp 2013-12-16 17:53:37 ----D---- C:\windows\ERUNT 2013-12-16 06:37:50 ----A---- C:\windows\system32\IEUDINIT.EXE 2013-12-16 06:33:08 ----A---- C:\windows\SYSWOW64\elshyph.dll 2013-12-16 06:33:08 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\wextract.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\webcheck.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\vbscript.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\url.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\pngfilt.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\occache.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\msrating.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\msls31.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\mshtmler.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\mshtmled.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\mshta.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\msfeedssync.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\msfeeds.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\licmgr10.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\jsIntl.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\jscript.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\inseng.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\imgutil.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\iexpress.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\ieUnatt.exe 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\iesysprep.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\iesetup.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\iernonce.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\iepeers.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\iedkcs32.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\ieapfltr.dat 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\icardie.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\dxtrans.dll 2013-12-16 06:33:01 ----A---- C:\windows\SYSWOW64\dxtmsft.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\wextract.exe 2013-12-16 06:33:01 ----A---- C:\windows\system32\webcheck.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\vbscript.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\url.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\SetIEInstalledDate.exe 2013-12-16 06:33:01 ----A---- C:\windows\system32\RegisterIEPKEYs.exe 2013-12-16 06:33:01 ----A---- C:\windows\system32\pngfilt.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\occache.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\msrating.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\msls31.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\mshtmlmedia.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\mshtmler.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\mshtmled.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\MshtmlDac.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\mshta.exe 2013-12-16 06:33:01 ----A---- C:\windows\system32\msfeedssync.exe 2013-12-16 06:33:01 ----A---- C:\windows\system32\msfeedsbs.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\msfeeds.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\licmgr10.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\jsIntl.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\jscript.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\inseng.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\imgutil.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\iexpress.exe 2013-12-16 06:33:01 ----A---- C:\windows\system32\iesysprep.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\iepeers.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\iedkcs32.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\ieapfltr.dat 2013-12-16 06:33:01 ----A---- C:\windows\system32\IEAdvpack.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\icardie.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\elshyph.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\dxtrans.dll 2013-12-16 06:33:01 ----A---- C:\windows\system32\dxtmsft.dll 2013-12-15 11:45:01 ----A---- C:\windows\SYSWOW64\wmploc.DLL 2013-12-15 11:45:01 ----A---- C:\windows\system32\wmploc.DLL 2013-12-15 11:45:00 ----A---- C:\windows\SYSWOW64\wmp.dll 2013-12-15 11:45:00 ----A---- C:\windows\system32\wmp.dll 2013-12-12 18:02:28 ----A---- C:\windows\SYSWOW64\WMPhoto.dll 2013-12-12 18:02:28 ----A---- C:\windows\system32\WMPhoto.dll 2013-12-12 18:02:27 ----A---- C:\windows\SYSWOW64\msieftp.dll 2013-12-12 18:02:27 ----A---- C:\windows\SYSWOW64\imagehlp.dll 2013-12-12 18:02:27 ----A---- C:\windows\system32\win32k.sys 2013-12-12 18:02:27 ----A---- C:\windows\system32\msieftp.dll 2013-12-12 18:02:27 ----A---- C:\windows\system32\imagehlp.dll 2013-12-12 18:02:26 ----A---- C:\windows\SYSWOW64\tzres.dll 2013-12-12 18:02:26 ----A---- C:\windows\system32\tzres.dll 2013-12-12 18:02:23 ----A---- C:\windows\system32\drivers\portcls.sys 2013-12-12 18:02:23 ----A---- C:\windows\system32\drivers\drmk.sys 2013-12-12 18:02:22 ----A---- C:\windows\SYSWOW64\wscript.exe 2013-12-12 18:02:22 ----A---- C:\windows\SYSWOW64\scrrun.dll 2013-12-12 18:02:22 ----A---- C:\windows\SYSWOW64\cscript.exe 2013-12-12 18:02:22 ----A---- C:\windows\system32\wscript.exe 2013-12-12 18:02:22 ----A---- C:\windows\system32\scrrun.dll 2013-12-12 18:02:22 ----A---- C:\windows\system32\cscript.exe 2013-12-12 08:59:09 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe ======List of files/folders modified in the last 1 month====== 2013-12-19 15:30:09 ----D---- C:\windows\Temp 2013-12-19 15:30:08 ----RD---- C:\Program Files 2013-12-19 15:23:31 ----SHD---- C:\windows\Installer 2013-12-19 15:23:30 ----SD---- C:\Users\shiara en niels\AppData\Roaming\Microsoft 2013-12-19 15:23:30 ----RD---- C:\Program Files (x86) 2013-12-19 15:23:20 ----SHD---- C:\System Volume Information 2013-12-19 12:44:09 ----D---- C:\windows\system32\config 2013-12-19 11:29:17 ----D---- C:\windows\Microsoft.NET 2013-12-19 11:27:33 ----RSD---- C:\windows\assembly 2013-12-18 15:18:50 ----D---- C:\Users\shiara en niels\AppData\Roaming\Skype 2013-12-18 06:44:44 ----D---- C:\Program Files (x86)\Google 2013-12-18 06:40:28 ----D---- C:\windows\inf 2013-12-18 06:40:28 ----AD---- C:\windows\System32 2013-12-18 06:40:28 ----A---- C:\windows\system32\PerfStringBackup.INI 2013-12-18 06:36:42 ----A---- C:\windows\SYSWOW64\log.txt 2013-12-18 06:34:32 ----AD---- C:\ProgramData\TEMP 2013-12-18 06:34:02 ----AD---- C:\Windows 2013-12-17 21:04:14 ----D---- C:\windows\SysWOW64 2013-12-16 22:52:47 ----D---- C:\Program Files (x86)\Microsoft.NET 2013-12-16 22:50:19 ----D---- C:\ProgramData\Microsoft Help 2013-12-16 22:49:45 ----A---- C:\windows\win.ini 2013-12-16 22:45:22 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-12-16 22:20:45 ----D---- C:\windows\system32\DriverStore 2013-12-16 22:20:45 ----D---- C:\windows\system32\drivers 2013-12-16 22:20:45 ----D---- C:\windows\system32\catroot 2013-12-16 22:20:01 ----HD---- C:\ProgramData 2013-12-16 22:18:28 ----D---- C:\windows\system32\Tasks 2013-12-16 21:59:31 ----D---- C:\windows\ShellNew 2013-12-16 21:59:22 ----D---- C:\Program Files\Common Files\Microsoft Shared 2013-12-16 21:59:13 ----D---- C:\Program Files\Common Files 2013-12-16 21:57:48 ----SD---- C:\ProgramData\Microsoft 2013-12-16 21:56:20 ----D---- C:\Program Files\Common Files\System 2013-12-16 18:46:56 ----D---- C:\Program Files (x86)\Common Files 2013-12-16 18:36:16 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI 2013-12-16 18:35:46 ----D---- C:\windows\SYSWOW64\nl-NL 2013-12-16 18:35:46 ----D---- C:\windows\system32\nl-NL 2013-12-16 18:32:47 ----D---- C:\windows\system32\drivers\etc 2013-12-16 18:30:52 ----D---- C:\windows\winsxs 2013-12-16 18:29:13 ----D---- C:\Program Files\Internet Explorer 2013-12-16 18:29:13 ----D---- C:\Program Files (x86)\Internet Explorer 2013-12-16 18:22:56 ----D---- C:\windows\SYSWOW64\en-US 2013-12-16 18:22:56 ----D---- C:\windows\system32\en-US 2013-12-16 18:21:41 ----D---- C:\windows\system32\catroot2 2013-12-16 18:12:59 ----D---- C:\Users\shiara en niels\AppData\Roaming\uTorrent 2013-12-16 18:03:46 ----D---- C:\windows\SoftwareDistribution 2013-12-16 18:02:59 ----D---- C:\windows\Panther 2013-12-16 18:02:59 ----D---- C:\windows\Logs 2013-12-16 18:02:59 ----D---- C:\windows\debug 2013-12-16 18:01:08 ----D---- C:\windows\Prefetch 2013-12-16 18:00:05 ----D---- C:\Program Files (x86)\YouTube Accelerator 2013-12-16 17:58:22 ----D---- C:\windows\SYSWOW64\migration 2013-12-16 17:58:21 ----D---- C:\windows\system32\migration 2013-12-16 17:58:21 ----D---- C:\windows\PolicyDefinitions 2013-12-16 17:58:21 ----D---- C:\Program Files\Windows Media Player 2013-12-16 17:58:21 ----D---- C:\Program Files (x86)\Windows Media Player 2013-12-16 17:57:31 ----D---- C:\Users\shiara en niels\AppData\Roaming\SoftGrid Client 2013-12-16 17:56:58 ----D---- C:\Program Files (x86)\TeamViewer 2013-12-16 17:56:17 ----RSD---- C:\windows\Fonts 2013-12-16 06:29:55 ----D---- C:\windows\system32\MRT 2013-12-16 06:29:49 ----A---- C:\windows\system32\MRT.exe 2013-12-12 08:59:18 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-16 62136] R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-05 16152] R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240] R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920] R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2011-05-23 213888] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-15 26840] R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-16 239320] R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-16 168256] R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-16 44120] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-16 220232] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472] R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-01-20 10731520] R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-01-20 328192] R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-12-30 2799616] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-03-21 4013928] R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-05 355096] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-05 786200] R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MEIx64;Intel® Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784] R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2011-08-17 251496] R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-12-19 411920] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-31 27784] R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2010-06-19 18872] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\windows\system32\DRIVERS\btfilter.sys [2011-08-09 45168] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\windows\system32\drivers\hitmanpro37.sys [2013-11-13 32512] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 Revoflt;Revoflt; C:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 s
Aanbevolen berichten