
Gravity Space and Its Result Hub



I keep getting the programs Gravity Space and Its Result Hub on my program. I have understood that this is adware. In the Google Chrome settings, under extensions, I reset everything to the default values, but these 2 programs still come along with the browser at startup. How can I remove these programs permanently? And are these programs harmful?


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.


Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, two Notepad files named "Log.txt" and "Info.txt" are opened.


Posting RSIT log files

  • Add the log file named "Log.txt" as an attachment to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • How to add an attachment to a post is explained here.


Also see the

.

Attached is the log file:

 

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Windows7 at 2015-08-21 15:02:21
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 57 GB (48%) free of 119 GB
Total RAM: 3837 MB (54% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:34, on 21-8-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal
 
Running processes:
C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\7\plugin.exe
C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\3\plugin.exe
C:\Program Files\trend micro\Windows7.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [spybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Service Mgr GravitySpace - Unknown owner - C:\ProgramData\f4ec396c-3454-45dd-b141-69ee6db2debb\plugincontainer.exe
O23 - Service: Service Mgr ItsResultsHub - Unknown owner - C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr GravitySpace - Unknown owner - C:\Program Files (x86)\Common Files\f4ec396c-3454-45dd-b141-69ee6db2debb\updater.exe
O23 - Service: Update Mgr ItsResultsHub - Unknown owner - C:\Program Files (x86)\Common Files\ff8de6dd-320f-4157-95aa-b9e38361078a\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 9822 bytes
 
======Listing Processes======
 
 
 
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
 
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
taskeng.exe {C224045E-9219-4873-A700-1015A5DB18FC}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe" 
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\PasswordBox\pbbtnService.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Windows\system32\GWX\GWX.exe" 
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugincontainer.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe" -services -injection-server
"C:\Program Files (x86)\Common Files\f4ec396c-3454-45dd-b141-69ee6db2debb\updater.exe"
"C:\Program Files (x86)\Common Files\ff8de6dd-320f-4157-95aa-b9e38361078a\updater.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2664
"C:\Program Files (x86)\Canon\CAL\CALMAIN.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-df44b463-1e02-423b-b923-d63e0e993532 -SystemEventPortName:HostProcess-aa644b8b-4303-4c01-b695-a0739716f5aa -IoCancelEventPortName:HostProcess-a45469d6-6b03-4f69-9584-b265221e3169 -NonStateChangingEventPortName:HostProcess-ef6b513c-6628-4778-8696-535d534ca7c3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:dc3c264f-6a9c-41f8-88f5-2ce8ea95874b -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" 
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory=Default
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4268.0.903073285\815527494" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,22,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2e32 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4268.1.25992095\1455480068" --font-cache-shared-handle=2024 /prefetch:673131151
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\10\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\6\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\5\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\8\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\2\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\3\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\7\plugin.exe" u
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\7\plugin.exe"
"C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugins\3\plugin.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4268.4.1957876780\195253755" --font-cache-shared-handle=2464 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 
"C:\ProgramData\f4ec396c-3454-45dd-b141-69ee6db2debb\plugincontainer.exe"
"C:\Users\Windows7\Downloads\RSITx64.exe" 
"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
 
======Scheduled tasks folder======
 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0db7d54cc35d1.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0db7d5525056a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Spotify Web Helper"=C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-15 2018360]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-15 2018360]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-02-22 3019376]
""= []
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2015-08-21 14:59:06 ----D---- C:\Program Files (x86)\Its Results Hub
2015-08-21 14:59:06 ----D---- C:\Program Files (x86)\Gravity Space
2015-08-21 10:19:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-21 10:19:35 ----A---- C:\Windows\system32\mshtml.dll
2015-08-21 00:15:18 ----A---- C:\Windows\system32\appraiser.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\invagent.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\generaltel.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\devinv.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-21 00:15:17 ----A---- C:\Windows\system32\aepdu.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\aeinv.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\acmigration.dll
2015-08-16 22:03:24 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 22:03:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 21:49:19 ----A---- C:\Windows\system32\mstscax.dll
2015-08-16 21:49:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-16 21:49:17 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-16 21:49:17 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-16 21:49:16 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-08-16 21:49:16 ----A---- C:\Windows\system32\wksprt.exe
2015-08-16 21:49:16 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-16 21:48:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-16 21:48:55 ----A---- C:\Windows\system32\ntdll.dll
2015-08-16 21:48:55 ----A---- C:\Windows\system32\kernel32.dll
2015-08-16 21:48:54 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-08-16 21:48:54 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-16 21:48:54 ----A---- C:\Windows\system32\sysmain.dll
2015-08-16 21:48:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-08-16 21:48:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-16 21:48:52 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-08-16 21:48:52 ----A---- C:\Windows\system32\wow64.dll
2015-08-16 21:48:52 ----A---- C:\Windows\system32\rstrui.exe
2015-08-16 21:48:52 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-16 21:48:52 ----A---- C:\Windows\system32\KernelBase.dll
2015-08-16 21:48:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\winsrv.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\srcore.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\kerberos.dll
2015-08-16 21:48:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-08-16 21:48:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\wdigest.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\schannel.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\conhost.exe
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\sspicli.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\smss.exe
2015-08-16 21:48:48 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\lsass.exe
2015-08-16 21:48:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-16 21:48:48 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-16 21:48:47 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-08-16 21:48:47 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-08-16 21:48:47 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-08-16 21:48:47 ----A---- C:\Windows\system32\srclient.dll
2015-08-16 21:48:47 ----A---- C:\Windows\system32\ntvdm64.dll
2015-08-16 21:48:47 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-16 21:48:47 ----A---- C:\Windows\system32\auditpol.exe
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\wow64win.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\secur32.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\credssp.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-16 21:48:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-08-16 21:48:45 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-08-16 21:48:45 ----A---- C:\Windows\system32\wow64cpu.dll
2015-08-16 21:48:45 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-16 21:48:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-16 21:48:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-16 21:48:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-08-16 21:48:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-08-16 21:48:42 ----A---- C:\Windows\system32\apisetschema.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-16 21:48:41 ----A---- C:\Windows\SYSWOW64\user.exe
2015-08-16 21:48:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-08-16 21:48:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-16 21:48:40 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-08-16 21:48:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-08-16 21:48:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-16 21:48:40 ----A---- C:\Windows\system32\msaudite.dll
2015-08-16 21:47:20 ----A---- C:\Windows\system32\basesrv.dll
2015-08-16 21:46:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-08-16 21:46:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-08-16 21:46:09 ----A---- C:\Windows\system32\iertutil.dll
2015-08-16 21:46:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-16 21:46:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-08-16 21:46:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-16 21:46:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-08-16 21:46:07 ----A---- C:\Windows\system32\iernonce.dll
2015-08-16 21:46:07 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-16 21:46:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-16 21:46:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-08-16 21:46:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 21:46:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-08-16 21:46:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-16 21:46:05 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-16 21:46:04 ----A---- C:\Windows\system32\urlmon.dll
2015-08-16 21:46:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-08-16 21:46:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-16 21:46:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-16 21:46:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-08-16 21:46:02 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-16 21:46:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-16 21:46:00 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-16 21:45:59 ----A---- C:\Windows\system32\iesetup.dll
2015-08-16 21:45:59 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-16 21:45:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-16 21:45:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-08-16 21:45:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-16 21:45:57 ----A---- C:\Windows\system32\vbscript.dll
2015-08-16 21:45:57 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-16 21:45:57 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-16 21:45:56 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-08-16 21:45:56 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-08-16 21:45:56 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-16 21:45:55 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-16 21:45:55 ----A---- C:\Windows\system32\ieui.dll
2015-08-16 21:45:55 ----A---- C:\Windows\system32\ieframe.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\wininet.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\jscript9.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\jscript.dll
2015-08-16 21:45:53 ----A---- C:\Windows\system32\msrating.dll
2015-08-16 21:45:53 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-16 21:45:04 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-16 21:45:04 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-16 21:45:04 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-16 21:45:04 ----A---- C:\Windows\system32\davclnt.dll
2015-08-16 21:45:01 ----A---- C:\Windows\system32\msxml3.dll
2015-08-16 21:45:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-16 21:45:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-16 21:45:00 ----A---- C:\Windows\system32\msxml6.dll
2015-08-16 21:44:59 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-08-16 21:44:59 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-08-16 21:44:59 ----A---- C:\Windows\system32\msxml6r.dll
2015-08-16 21:44:59 ----A---- C:\Windows\system32\msxml3r.dll
2015-08-16 21:44:56 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-16 21:44:56 ----A---- C:\Windows\system32\win32k.sys
2015-08-16 21:44:56 ----A---- C:\Windows\system32\FntCache.dll
2015-08-16 21:44:56 ----A---- C:\Windows\system32\DWrite.dll
2015-08-16 21:44:56 ----A---- C:\Windows\system32\atmfd.dll
2015-08-16 21:44:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-16 21:44:53 ----A---- C:\Windows\system32\lpk.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\fontsub.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\dciman32.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\atmlib.dll
2015-08-16 21:44:48 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-16 21:44:48 ----A---- C:\Windows\system32\notepad.exe
2015-08-16 21:44:48 ----A---- C:\Windows\notepad.exe
2015-08-16 21:44:45 ----A---- C:\Windows\system32\shell32.dll
2015-08-16 21:44:44 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-08-16 21:43:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-16 21:43:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wucltux.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuapi.dll
2015-08-16 21:43:56 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-16 21:43:56 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-16 21:43:56 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wups2.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wups.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wudriver.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wuapp.exe
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-16 21:24:19 ----HD---- C:\$Windows.~BT
2015-08-16 21:07:57 ----ASH---- C:\pagefile.sys
2015-08-16 21:07:54 ----ASH---- C:\hiberfil.sys
2015-08-16 20:54:21 ----D---- C:\$SysReset
2015-08-10 00:06:22 ----SHD---- C:\Recovery
2015-08-04 19:38:54 ----D---- C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a
2015-08-04 19:38:08 ----D---- C:\ProgramData\f4ec396c-3454-45dd-b141-69ee6db2debb
2015-07-31 21:32:16 ----D---- C:\ProgramData\{29248ef6-e2ae-4fb9-2924-48ef6e2a3bdb}
2015-07-29 19:46:46 ----D---- C:\Program Files\Common Files\AV
2015-07-27 09:32:07 ----D---- C:\ProgramData\{e66a1256-a48f-ba52-e66a-a1256a48495a}
 
======List of files/folders modified in the last 1 month======
 
2015-08-21 15:02:28 ----D---- C:\Windows\Temp
2015-08-21 15:02:24 ----D---- C:\Program Files\trend micro
2015-08-21 14:59:06 ----RD---- C:\Program Files (x86)
2015-08-21 13:54:59 ----D---- C:\Windows\system32\config
2015-08-21 12:09:19 ----D---- C:\Windows\system32\drivers\etc
2015-08-21 10:23:07 ----D---- C:\Windows\winsxs
2015-08-21 10:20:56 ----SD---- C:\Windows\system32\CompatTel
2015-08-21 10:20:56 ----D---- C:\Windows\SysWOW64
2015-08-21 10:20:56 ----D---- C:\Windows\system32\appraiser
2015-08-21 10:20:56 ----D---- C:\Windows\System32
2015-08-21 10:20:56 ----D---- C:\Windows\AppPatch
2015-08-21 10:19:25 ----SHD---- C:\System Volume Information
2015-08-21 00:06:16 ----D---- C:\Windows
2015-08-20 21:25:01 ----SHD---- C:\Windows\Installer
2015-08-20 21:21:44 ----D---- C:\Program Files (x86)\Google
2015-08-20 21:20:53 ----D---- C:\Windows\Tasks
2015-08-20 21:20:53 ----D---- C:\Windows\system32\Tasks
2015-08-20 21:04:32 ----D---- C:\Windows\inf
2015-08-20 21:04:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-20 20:57:17 ----D---- C:\Windows\pss
2015-08-20 19:44:27 ----D---- C:\Windows\rescache
2015-08-20 18:55:27 ----D---- C:\Windows\Microsoft.NET
2015-08-20 18:54:31 ----RSD---- C:\Windows\assembly
2015-08-17 07:07:29 ----D---- C:\Boot
2015-08-17 06:58:11 ----RSD---- C:\Windows\Media
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\zh-TW
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\zh-HK
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\zh-CN
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\tr-TR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\sv-SE
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\ru-RU
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\pt-PT
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\pt-BR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\pl-PL
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\nb-NO
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\migration
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\ko-KR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\ja-JP
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\it-IT
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\hu-HU
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\fr-FR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\fi-FI
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\es-ES
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\el-GR
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\de-DE
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\da-DK
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\color
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\BioAPIFFDB
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\Adobe
2015-08-17 06:58:07 ----D---- C:\Windows\system32\zh-TW
2015-08-17 06:58:07 ----D---- C:\Windows\system32\zh-HK
2015-08-17 06:58:07 ----D---- C:\Windows\system32\zh-CN
2015-08-17 06:58:07 ----D---- C:\Windows\system32\tr-TR
2015-08-17 06:58:07 ----D---- C:\Windows\system32\sv-SE
2015-08-17 06:58:04 ----D---- C:\Windows\system32\ru-RU
2015-08-17 06:58:04 ----D---- C:\Windows\system32\pt-PT
2015-08-17 06:58:04 ----D---- C:\Windows\system32\pt-BR
2015-08-17 06:58:04 ----D---- C:\Windows\system32\pl-PL
2015-08-17 06:58:04 ----D---- C:\Windows\system32\NDF
2015-08-17 06:58:04 ----D---- C:\Windows\system32\nb-NO
2015-08-17 06:58:04 ----D---- C:\Windows\system32\migration
2015-08-17 06:58:04 ----D---- C:\Windows\system32\ko-KR
2015-08-17 06:58:04 ----D---- C:\Windows\system32\ja-JP
2015-08-17 06:58:04 ----D---- C:\Windows\system32\it-IT
2015-08-17 06:58:03 ----DC---- C:\Windows\system32\DRVSTORE
2015-08-17 06:58:03 ----D---- C:\Windows\system32\hu-HU
2015-08-17 06:58:03 ----D---- C:\Windows\system32\fr-FR
2015-08-17 06:58:03 ----D---- C:\Windows\system32\fi-FI
2015-08-17 06:58:03 ----D---- C:\Windows\system32\es-ES
2015-08-17 06:58:03 ----D---- C:\Windows\system32\el-GR
2015-08-17 06:58:03 ----D---- C:\Windows\system32\de-DE
2015-08-17 06:58:03 ----D---- C:\Windows\system32\da-DK
2015-08-17 06:58:03 ----D---- C:\Windows\system32\cs-CZ
2015-08-17 06:58:02 ----D---- C:\Windows\system32\appmgmt
2015-08-17 06:58:02 ----D---- C:\Windows\ShellNew
2015-08-17 06:58:01 ----D---- C:\Windows\PolicyDefinitions
2015-08-17 06:58:00 ----D---- C:\Windows\nl
2015-08-17 06:58:00 ----D---- C:\Windows\LiveKernelReports
2015-08-17 06:57:56 ----RSD---- C:\Windows\Fonts
2015-08-17 06:57:56 ----D---- C:\Windows\Downloaded Program Files
2015-08-17 06:57:56 ----D---- C:\Windows\DigitalLocker
2015-08-17 06:57:55 ----SD---- C:\ProgramData\Microsoft
2015-08-17 06:57:55 ----HD---- C:\ProgramData
2015-08-17 06:57:52 ----D---- C:\Program Files (x86)\MSBuild
2015-08-17 06:57:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-08-17 06:57:52 ----D---- C:\Program Files (x86)\Common Files
2015-08-17 06:57:51 ----RD---- C:\Program Files
2015-08-17 06:57:51 ----D---- C:\Program Files\Common Files\System
2015-08-17 06:57:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-08-17 06:57:50 ----D---- C:\Windows\system32\Recovery
2015-08-17 06:57:50 ----D---- C:\Program Files\Common Files
2015-08-17 06:57:48 ----SD---- C:\Users\Windows7\AppData\Roaming\Microsoft
2015-08-16 22:13:23 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-08-16 22:13:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-08-16 22:13:22 ----D---- C:\Windows\system32\nl-NL
2015-08-16 22:13:22 ----D---- C:\Windows\system32\en-US
2015-08-16 22:13:22 ----D---- C:\Windows\system32\drivers\nl-NL
2015-08-16 22:13:22 ----D---- C:\Windows\system32\drivers\en-US
2015-08-16 22:13:21 ----D---- C:\Windows\system32\drivers
2015-08-16 22:13:04 ----D---- C:\Program Files\Internet Explorer
2015-08-16 22:12:58 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-16 22:04:25 ----D---- C:\ProgramData\Microsoft Help
2015-08-16 22:04:12 ----A---- C:\Windows\win.ini
2015-08-16 22:03:47 ----D---- C:\Windows\system32\catroot2
2015-08-16 21:41:49 ----D---- C:\Windows\Panther
2015-08-16 21:36:49 ----D---- C:\ProgramData\{f2250c9f-26f3-fc3d-f225-50c9f26f327c}
2015-08-15 21:31:11 ----D---- C:\Users\Windows7\AppData\Roaming\Spotify
2015-08-15 20:38:54 ----D---- C:\Program Files (x86)\1Password 4
2015-08-15 19:14:33 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-15 19:14:33 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-15 19:04:11 ----A---- C:\Windows\system32\MRT.exe
2015-08-15 18:46:05 ----D---- C:\Users\Windows7\AppData\Roaming\Identities
2015-08-09 14:34:49 ----D---- C:\Windows\registration
2015-08-09 13:27:10 ----RASH---- C:\BOOTSECT.BAK
2015-08-05 17:50:20 ----D---- C:\ProgramData\9362275760275399918
2015-07-29 19:46:43 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-29 19:38:37 ----D---- C:\Windows\Logs
2015-07-25 17:34:03 ----D---- C:\Program Files\CCleaner
2015-07-25 16:58:10 ----D---- C:\ProgramData\{f29e2a13-9ed9-d039-f29e-e2a139eda84e}
2015-07-25 16:48:03 ----SD---- C:\Windows\system32\GWX
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 RapportHades64;RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [2015-07-29 139896]
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-07-29 394584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 RapportCerberus_1507063;RapportCerberus_1507063; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507063.sys [2015-08-20 958232]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-07-29 500088]
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-07-29 489240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-02-17 2153072]
S1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys []
S1 GLogin;GLogin; C:\Windows\system32\drivers\GLogin.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 netr28ux;Sweex Wireless USB Adapter Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2010-07-27 1241952]
S3 NMgamingmsFltr;USB Optical Mouse; C:\Windows\system32\drivers\NMgamingms.sys [2009-07-24 11264]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2011-08-11 694376]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 PasswordBox;PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2014-05-14 67584]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-07-29 2255128]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 Service Mgr GravitySpace;Service Mgr GravitySpace; C:\ProgramData\f4ec396c-3454-45dd-b141-69ee6db2debb\plugincontainer.exe [2015-08-21 1189648]
R2 Service Mgr ItsResultsHub;Service Mgr ItsResultsHub; C:\ProgramData\ff8de6dd-320f-4157-95aa-b9e38361078a\plugincontainer.exe [2015-08-21 1192720]
R2 Update Mgr GravitySpace;Update Mgr GravitySpace; C:\Program Files (x86)\Common Files\f4ec396c-3454-45dd-b141-69ee6db2debb\updater.exe [2015-08-21 702224]
R2 Update Mgr ItsResultsHub;Update Mgr ItsResultsHub; C:\Program Files (x86)\Common Files\ff8de6dd-320f-4157-95aa-b9e38361078a\updater.exe [2015-08-21 708880]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-02-17 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 ba96e052;SystemPlus; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-02 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
 
-----------------EOF-----------------

Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that may be on your PC, so that you use AdwCleaner's most recent database).

If the link to AdwCleaner does not work, try this link.

The download starts automatically after a few seconds.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Click Scan (English version) or Scannen (Dutch version).
  • If you want to keep any of the items found, remove them from the list now.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • In the "AdwCleaner Herstart" pop-up window, click OK.


After the PC has restarted, an AdwCleaner log file usually opens immediately.
Otherwise the log file can be found here: C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Add the log file named C:\AdwCleaner\AdwCleaner[s0].txt as an attachment to your next post.
  • You can read here how to add an attachment to a post.


More information can be found in the manual.


Attached is the log file:

 

# AdwCleaner v5.003 - Logbestand aangemaakt 22/08/2015 op 13:55:26
# Laatste update 20/08/2015 door Xplode
# Database : 2015-08-20.1 [server]
# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (x64)
# Gebruikersnaam : Windows7 - WINDOWS7-PC
# Gestart vanuit : C:\Users\Windows7\Downloads\adwcleaner_5.003.exe
# Optie : Verwijderen
 
***** [ Services ] *****
 
[-] Service Verwijderd : Service Mgr GravitySpace
[-] Service Verwijderd : Service Mgr ItsResultsHub
[-] Service Verwijderd : Update Mgr GravitySpace
[-] Service Verwijderd : Update Mgr ItsResultsHub
[-] Service Verwijderd : ba96e052
 
***** [ Mappen ] *****
 
[-] Map Verwijderd : C:\Program Files (x86)\DealExpreess
[-] Map Verwijderd : C:\Program Files (x86)\Gravity Space
[-] Map Verwijderd : C:\Program Files (x86)\Its Results Hub
[-] Map Verwijderd : C:\ProgramData\Conduit
[-] Map Verwijderd : C:\ProgramData\Tarma Installer
[-] Map Verwijderd : C:\ProgramData\Innovative Solutions
[-] Map Verwijderd : C:\ProgramData\9362275760275399918
[-] Map Verwijderd : C:\ProgramData\{29248ef6-e2ae-4fb9-2924-48ef6e2a3bdb}
[-] Map Verwijderd : C:\ProgramData\{e66a1256-a48f-ba52-e66a-a1256a48495a}
[-] Map Verwijderd : C:\ProgramData\{f2250c9f-26f3-fc3d-f225-50c9f26f327c}
[-] Map Verwijderd : C:\ProgramData\{f29e2a13-9ed9-d039-f29e-e2a139eda84e}
[-] Map Verwijderd : C:\Users\Windows7\AppData\Local\AVG Secure Search
[-] Map Verwijderd : C:\Users\Windows7\AppData\Local\Innovative Solutions
[-] Map Verwijderd : C:\Users\Windows7\AppData\LocalLow\Conduit
[-] Map Verwijderd : C:\Users\Windows7\AppData\LocalLow\PriceGong
[-] Map Verwijderd : C:\Users\Windows7\AppData\Roaming\OpenCandy
 
***** [ Bestanden ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ geplande taken ] *****
 
[-] Taak Verwidjerd : Express FilesUpdate
 
***** [ Register ] *****
 
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\Prod.cap
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\speedupmypc
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\ffe234b3-ae3a-7f66-5965-f0d45f30d325
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{14df11ed}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ba96e052}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[!] Sleutel Niet Verwidjerd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{2a361efd-fb26-4d2c-82ef-2535d46b8c07}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\CLSID\{8788dd2d-bed5-4071-8439-c822cef57bc8}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\TypeLib\{5DEBC66A-136E-4F2C-84CC-8A984EBA1195}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\TypeLib\{829DD016-D322-481B-8BA3-10064B09EAC4}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\TypeLib\{A6918429-4197-42E6-A4AC-742073A9BCBB}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\TypeLib\{67B87BDE-141A-4CB3-AC00-49501C139D4A}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Classes\TypeLib\{F895EF08-C980-4DFC-A0C8-C40E25D66ADF}
[-] Sleutel Verwidjerd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Sleutel Verwidjerd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Sleutel Verwidjerd : HKCU\Software\AppDataLow\Software\Conduit
[-] Sleutel Verwidjerd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Sleutel Verwidjerd : HKCU\Software\AppDataLow\Software\PriceGong
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Conduit
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\Uniblue
[!] Sleutel Niet Verwidjerd : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Sleutel Verwidjerd : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Sleutel Verwidjerd : [x64] HKLM\SOFTWARE\Tarma Installer
 
***** [ Internetbrowsers ] *****
 
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : start.facemoods.com
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : r
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : toolbar.ask.com
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : search.conduit.com
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : isearch.avg.com
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : search.babylon.com
[-] [C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Verwijderd : utorrent.nl.softonic.com
 
*************************
 
:: Proxy instellingen gereset
:: Winsock instellingen gereset
:: Chrome policies verwijderd
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5883 bytes] ##########

Download MalwareBytes Anti-Malware, preferably to the desktop.

  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the further instructions; the full installation procedure can be read at the following link - Installing Malwarebytes Anti-Malware.
  • Then click the Scan Now button to run a threat scan.
  • It will now check for available updates; click "Update Now" if updates are available.
  • The scan now starts automatically; when the scan is finished and threats have been detected, you will get an overview of them.
  • If no threats have been detected, click View detailed log after the scan.
    • Then click the Apply Actions button; when you are told that your computer must be restarted, click No.
    • Then click the View detailed log button, click the Export button and choose the option Text file (*.txt).
    • Then enter a file name for saving the log file, for example MBAM Scanlog, and click the Save button.
    • By default this file is saved on your desktop.




Posting the MalwareBytes' Anti-Malware log file

  • Attach the log file you just saved to your next post. (You can also find this log file in Malwarebytes Anti-Malware under History > Application Logs)
  • Place the contents of this log file in your next post.


If you want more explanation, in picture and sound, of how Malwarebytes works, watch our own PCH video here.


Attached is the MBAM log file:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scandatum: 22-8-2015
Scantijd: 14:44
Logboekbestand: MBAM Scanlog.txt
Beheerder: Ja
 
Versie: 2.1.8.1057
Malware-database: v2015.08.22.02
Rootkit-database: v2015.08.16.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld
 
Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Windows7
 
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 349411
Verstreken tijd: 18 min, 47 sec
 
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
 
Processen: 0
(Geen kwaadaardige items gedetecteerd)
 
Modules: 0
(Geen kwaadaardige items gedetecteerd)
 
Registersleutels: 3
PUP.Optional.GravitySpace.A, HKLM\SOFTWARE\WOW6432NODE\GravitySpace, In quarantaine, [3f9b3ecd4b40211579611a05c340926e], 
PUP.Optional.ItsResultsHub.A, HKLM\SOFTWARE\WOW6432NODE\ItsResultsHub, In quarantaine, [37a363a8becd1521f5fd882a7094916f], 
PUP.Optional.Conduit.A, HKU\S-1-5-21-1869362604-1768435415-2293966079-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{951AA42A-7E13-44E8-9D49-B9609A3CB09D}, In quarantaine, [a13982897f0c0432e7e2bc69e71c1ce4], 
 
Registerwaarden: 3
PUP.Optional.Conduit.A, HKU\S-1-5-21-1869362604-1768435415-2293966079-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{951AA42A-7E13-44E8-9D49-B9609A3CB09D}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN38681808413092588&UM=2, In quarantaine, [a13982897f0c0432e7e2bc69e71c1ce4]
PUP.Optional.Conduit.A, HKU\S-1-5-21-1869362604-1768435415-2293966079-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{951AA42A-7E13-44E8-9D49-B9609A3CB09D}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In quarantaine, [0fcb6ba0a5e674c2b8110a1b55aea55b]
PUP.Optional.Conduit.A, HKU\S-1-5-21-1869362604-1768435415-2293966079-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{951AA42A-7E13-44E8-9D49-B9609A3CB09D}|FaviconURL, http://search.conduit.com/favicon.ico, In quarantaine, [b624fe0d1d6ea78f0abf0e174cb7d828]
 
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
 
Mappen: 46
 
Bestanden: 65
 
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)

Attached is the new RSIT log

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Windows7 at 2015-08-23 01:59:15
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 56 GB (47%) free of 119 GB
Total RAM: 3837 MB (49% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:59:27, on 23-8-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal
 
Running processes:
C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\trend micro\Windows7.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [spybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 9246 bytes
 
======Listing Processes======
 
 
 
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
 
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\PasswordBox\pbbtnService.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"taskhost.exe"
taskeng.exe {EA746169-07AF-4119-8530-4CF6AF7B4612}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe" -services -injection-server
"C:\Windows\system32\GWX\GWX.exe" 
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Canon\CAL\CALMAIN.exe"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
WLIDSvcM.exe 2612
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe" 
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ec12fe78-0487-4bf3-97a9-d4bb6e5b9cfa -SystemEventPortName:HostProcess-fbac17a6-290c-4cbf-8df2-ccde78c3abee -IoCancelEventPortName:HostProcess-bf43dcf9-c5fe-4678-ac6c-2f1ef2c7e6ea -NonStateChangingEventPortName:HostProcess-7246f8ce-dc46-4a9b-86f0-3c625b2033c5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9be40953-ed8c-4c5e-8b3f-cc32138cb168 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 
"C:\Users\Windows7\Downloads\RSITx64 (1).exe" 
 
======Scheduled tasks folder======
 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0db7d54cc35d1.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0db7d5525056a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Spotify Web Helper"=C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-15 2018360]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-15 2018360]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-02-22 3019376]
""= []
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2015-08-22 15:05:17 ----A---- C:\MBAM Scanlog.txt
2015-08-22 14:43:29 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-22 14:42:30 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-22 14:42:30 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-22 14:42:30 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-22 14:42:29 ----D---- C:\ProgramData\Malwarebytes
2015-08-22 14:42:29 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-22 12:52:27 ----D---- C:\AdwCleaner
2015-08-21 10:19:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-21 10:19:35 ----A---- C:\Windows\system32\mshtml.dll
2015-08-21 00:15:18 ----A---- C:\Windows\system32\appraiser.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\invagent.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\generaltel.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\devinv.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-21 00:15:17 ----A---- C:\Windows\system32\aepdu.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\aeinv.dll
2015-08-21 00:15:17 ----A---- C:\Windows\system32\acmigration.dll
2015-08-16 22:03:24 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 22:03:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 21:49:19 ----A---- C:\Windows\system32\mstscax.dll
2015-08-16 21:49:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-16 21:49:17 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-16 21:49:17 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-16 21:49:16 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-08-16 21:49:16 ----A---- C:\Windows\system32\wksprt.exe
2015-08-16 21:49:16 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-16 21:48:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-16 21:48:55 ----A---- C:\Windows\system32\ntdll.dll
2015-08-16 21:48:55 ----A---- C:\Windows\system32\kernel32.dll
2015-08-16 21:48:54 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-08-16 21:48:54 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-16 21:48:54 ----A---- C:\Windows\system32\sysmain.dll
2015-08-16 21:48:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-08-16 21:48:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-16 21:48:52 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-08-16 21:48:52 ----A---- C:\Windows\system32\wow64.dll
2015-08-16 21:48:52 ----A---- C:\Windows\system32\rstrui.exe
2015-08-16 21:48:52 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-16 21:48:52 ----A---- C:\Windows\system32\KernelBase.dll
2015-08-16 21:48:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\winsrv.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\srcore.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-16 21:48:51 ----A---- C:\Windows\system32\kerberos.dll
2015-08-16 21:48:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-08-16 21:48:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\wdigest.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\schannel.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-16 21:48:49 ----A---- C:\Windows\system32\conhost.exe
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-08-16 21:48:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\sspicli.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\smss.exe
2015-08-16 21:48:48 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-16 21:48:48 ----A---- C:\Windows\system32\lsass.exe
2015-08-16 21:48:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-16 21:48:48 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-16 21:48:47 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-08-16 21:48:47 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-08-16 21:48:47 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-08-16 21:48:47 ----A---- C:\Windows\system32\srclient.dll
2015-08-16 21:48:47 ----A---- C:\Windows\system32\ntvdm64.dll
2015-08-16 21:48:47 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-16 21:48:47 ----A---- C:\Windows\system32\auditpol.exe
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-08-16 21:48:46 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\wow64win.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\secur32.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-16 21:48:46 ----A---- C:\Windows\system32\credssp.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-16 21:48:45 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-16 21:48:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-08-16 21:48:45 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-08-16 21:48:45 ----A---- C:\Windows\system32\wow64cpu.dll
2015-08-16 21:48:45 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-16 21:48:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-16 21:48:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-16 21:48:44 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-16 21:48:43 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-16 21:48:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-16 21:48:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-08-16 21:48:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-08-16 21:48:42 ----A---- C:\Windows\system32\apisetschema.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-16 21:48:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-16 21:48:41 ----A---- C:\Windows\SYSWOW64\user.exe
2015-08-16 21:48:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-08-16 21:48:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-16 21:48:40 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-08-16 21:48:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-08-16 21:48:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-16 21:48:40 ----A---- C:\Windows\system32\msaudite.dll
2015-08-16 21:47:20 ----A---- C:\Windows\system32\basesrv.dll
2015-08-16 21:46:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-08-16 21:46:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-08-16 21:46:09 ----A---- C:\Windows\system32\iertutil.dll
2015-08-16 21:46:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-16 21:46:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-08-16 21:46:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-16 21:46:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-08-16 21:46:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-08-16 21:46:07 ----A---- C:\Windows\system32\iernonce.dll
2015-08-16 21:46:07 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-16 21:46:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-16 21:46:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-08-16 21:46:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 21:46:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-08-16 21:46:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-16 21:46:05 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-16 21:46:04 ----A---- C:\Windows\system32\urlmon.dll
2015-08-16 21:46:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-16 21:46:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-08-16 21:46:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-16 21:46:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-16 21:46:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-08-16 21:46:02 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-16 21:46:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-16 21:46:00 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-16 21:45:59 ----A---- C:\Windows\system32\iesetup.dll
2015-08-16 21:45:59 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-16 21:45:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-16 21:45:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-08-16 21:45:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-16 21:45:57 ----A---- C:\Windows\system32\vbscript.dll
2015-08-16 21:45:57 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-16 21:45:57 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-16 21:45:56 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-08-16 21:45:56 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-08-16 21:45:56 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-16 21:45:55 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-16 21:45:55 ----A---- C:\Windows\system32\ieui.dll
2015-08-16 21:45:55 ----A---- C:\Windows\system32\ieframe.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\wininet.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\jscript9.dll
2015-08-16 21:45:54 ----A---- C:\Windows\system32\jscript.dll
2015-08-16 21:45:53 ----A---- C:\Windows\system32\msrating.dll
2015-08-16 21:45:53 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-16 21:45:04 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-16 21:45:04 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-16 21:45:04 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-16 21:45:04 ----A---- C:\Windows\system32\davclnt.dll
2015-08-16 21:45:01 ----A---- C:\Windows\system32\msxml3.dll
2015-08-16 21:45:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-16 21:45:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-16 21:45:00 ----A---- C:\Windows\system32\msxml6.dll
2015-08-16 21:44:59 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-08-16 21:44:59 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-08-16 21:44:59 ----A---- C:\Windows\system32\msxml6r.dll
2015-08-16 21:44:59 ----A---- C:\Windows\system32\msxml3r.dll
2015-08-16 21:44:56 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-16 21:44:56 ----A---- C:\Windows\system32\win32k.sys
2015-08-16 21:44:56 ----A---- C:\Windows\system32\FntCache.dll
2015-08-16 21:44:56 ----A---- C:\Windows\system32\DWrite.dll
2015-08-16 21:44:56 ----A---- C:\Windows\system32\atmfd.dll
2015-08-16 21:44:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-16 21:44:53 ----A---- C:\Windows\system32\lpk.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-08-16 21:44:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\fontsub.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\dciman32.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-16 21:44:52 ----A---- C:\Windows\system32\atmlib.dll
2015-08-16 21:44:48 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-16 21:44:48 ----A---- C:\Windows\system32\notepad.exe
2015-08-16 21:44:48 ----A---- C:\Windows\notepad.exe
2015-08-16 21:44:45 ----A---- C:\Windows\system32\shell32.dll
2015-08-16 21:44:44 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-08-16 21:43:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-16 21:43:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wucltux.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-16 21:43:57 ----A---- C:\Windows\system32\wuapi.dll
2015-08-16 21:43:56 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-16 21:43:56 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-16 21:43:56 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wups2.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wups.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wudriver.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wuapp.exe
2015-08-16 21:43:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-16 21:43:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-16 21:24:19 ----HD---- C:\$Windows.~BT
2015-08-16 21:07:57 ----ASH---- C:\pagefile.sys
2015-08-16 21:07:54 ----ASH---- C:\hiberfil.sys
2015-08-16 20:54:21 ----D---- C:\$SysReset
2015-08-10 00:06:22 ----SHD---- C:\Recovery
2015-07-29 19:46:46 ----D---- C:\Program Files\Common Files\AV
 
======List of files/folders modified in the last 1 month======
 
2015-08-23 01:59:17 ----D---- C:\Program Files\trend micro
2015-08-23 01:58:59 ----D---- C:\Windows\Temp
2015-08-23 01:57:23 ----D---- C:\Windows\system32\config
2015-08-23 01:52:58 ----D---- C:\Windows\system32\drivers
2015-08-22 15:04:28 ----HD---- C:\ProgramData
2015-08-22 15:04:26 ----D---- C:\Program Files (x86)\Common Files
2015-08-22 15:04:26 ----D---- C:\Program Files (x86)\Android Resource Navigator
2015-08-22 14:42:29 ----RD---- C:\Program Files (x86)
2015-08-22 13:59:28 ----D---- C:\Windows\system32\Tasks
2015-08-22 12:48:34 ----D---- C:\Windows\system32\FxsTmp
2015-08-21 12:09:19 ----D---- C:\Windows\system32\drivers\etc
2015-08-21 10:23:07 ----D---- C:\Windows\winsxs
2015-08-21 10:20:56 ----SD---- C:\Windows\system32\CompatTel
2015-08-21 10:20:56 ----D---- C:\Windows\SysWOW64
2015-08-21 10:20:56 ----D---- C:\Windows\system32\appraiser
2015-08-21 10:20:56 ----D---- C:\Windows\System32
2015-08-21 10:20:56 ----D---- C:\Windows\AppPatch
2015-08-21 10:19:25 ----SHD---- C:\System Volume Information
2015-08-21 00:06:16 ----D---- C:\Windows
2015-08-20 21:25:01 ----SHD---- C:\Windows\Installer
2015-08-20 21:21:44 ----D---- C:\Program Files (x86)\Google
2015-08-20 21:20:53 ----D---- C:\Windows\Tasks
2015-08-20 21:04:32 ----D---- C:\Windows\inf
2015-08-20 21:04:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-20 20:57:17 ----D---- C:\Windows\pss
2015-08-20 19:44:27 ----D---- C:\Windows\rescache
2015-08-20 18:55:27 ----D---- C:\Windows\Microsoft.NET
2015-08-20 18:54:31 ----RSD---- C:\Windows\assembly
2015-08-17 07:07:29 ----D---- C:\Boot
2015-08-17 06:58:11 ----RSD---- C:\Windows\Media
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\zh-TW
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\zh-HK
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\zh-CN
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\tr-TR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\sv-SE
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\ru-RU
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\pt-PT
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\pt-BR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\pl-PL
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\nb-NO
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\migration
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\ko-KR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\ja-JP
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\it-IT
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\hu-HU
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\fr-FR
2015-08-17 06:58:09 ----D---- C:\Windows\SYSWOW64\fi-FI
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\es-ES
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\el-GR
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\de-DE
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\da-DK
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\color
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\BioAPIFFDB
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2015-08-17 06:58:08 ----D---- C:\Windows\SYSWOW64\Adobe
2015-08-17 06:58:07 ----D---- C:\Windows\system32\zh-TW
2015-08-17 06:58:07 ----D---- C:\Windows\system32\zh-HK
2015-08-17 06:58:07 ----D---- C:\Windows\system32\zh-CN
2015-08-17 06:58:07 ----D---- C:\Windows\system32\tr-TR
2015-08-17 06:58:07 ----D---- C:\Windows\system32\sv-SE
2015-08-17 06:58:04 ----D---- C:\Windows\system32\ru-RU
2015-08-17 06:58:04 ----D---- C:\Windows\system32\pt-PT
2015-08-17 06:58:04 ----D---- C:\Windows\system32\pt-BR
2015-08-17 06:58:04 ----D---- C:\Windows\system32\pl-PL
2015-08-17 06:58:04 ----D---- C:\Windows\system32\NDF
2015-08-17 06:58:04 ----D---- C:\Windows\system32\nb-NO
2015-08-17 06:58:04 ----D---- C:\Windows\system32\migration
2015-08-17 06:58:04 ----D---- C:\Windows\system32\ko-KR
2015-08-17 06:58:04 ----D---- C:\Windows\system32\ja-JP
2015-08-17 06:58:04 ----D---- C:\Windows\system32\it-IT
2015-08-17 06:58:03 ----DC---- C:\Windows\system32\DRVSTORE
2015-08-17 06:58:03 ----D---- C:\Windows\system32\hu-HU
2015-08-17 06:58:03 ----D---- C:\Windows\system32\fr-FR
2015-08-17 06:58:03 ----D---- C:\Windows\system32\fi-FI
2015-08-17 06:58:03 ----D---- C:\Windows\system32\es-ES
2015-08-17 06:58:03 ----D---- C:\Windows\system32\el-GR
2015-08-17 06:58:03 ----D---- C:\Windows\system32\de-DE
2015-08-17 06:58:03 ----D---- C:\Windows\system32\da-DK
2015-08-17 06:58:03 ----D---- C:\Windows\system32\cs-CZ
2015-08-17 06:58:02 ----D---- C:\Windows\system32\appmgmt
2015-08-17 06:58:02 ----D---- C:\Windows\ShellNew
2015-08-17 06:58:01 ----D---- C:\Windows\PolicyDefinitions
2015-08-17 06:58:00 ----D---- C:\Windows\nl
2015-08-17 06:58:00 ----D---- C:\Windows\LiveKernelReports
2015-08-17 06:57:56 ----RSD---- C:\Windows\Fonts
2015-08-17 06:57:56 ----D---- C:\Windows\Downloaded Program Files
2015-08-17 06:57:56 ----D---- C:\Windows\DigitalLocker
2015-08-17 06:57:55 ----SD---- C:\ProgramData\Microsoft
2015-08-17 06:57:52 ----D---- C:\Program Files (x86)\MSBuild
2015-08-17 06:57:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-08-17 06:57:51 ----RD---- C:\Program Files
2015-08-17 06:57:51 ----D---- C:\Program Files\Common Files\System
2015-08-17 06:57:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-08-17 06:57:50 ----D---- C:\Windows\system32\Recovery
2015-08-17 06:57:50 ----D---- C:\Program Files\Common Files
2015-08-17 06:57:48 ----SD---- C:\Users\Windows7\AppData\Roaming\Microsoft
2015-08-16 22:13:23 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-08-16 22:13:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-08-16 22:13:22 ----D---- C:\Windows\system32\nl-NL
2015-08-16 22:13:22 ----D---- C:\Windows\system32\en-US
2015-08-16 22:13:22 ----D---- C:\Windows\system32\drivers\nl-NL
2015-08-16 22:13:22 ----D---- C:\Windows\system32\drivers\en-US
2015-08-16 22:13:04 ----D---- C:\Program Files\Internet Explorer
2015-08-16 22:12:58 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-16 22:04:25 ----D---- C:\ProgramData\Microsoft Help
2015-08-16 22:04:12 ----A---- C:\Windows\win.ini
2015-08-16 22:03:47 ----D---- C:\Windows\system32\catroot2
2015-08-16 21:41:49 ----D---- C:\Windows\Panther
2015-08-15 21:31:11 ----D---- C:\Users\Windows7\AppData\Roaming\Spotify
2015-08-15 20:38:54 ----D---- C:\Program Files (x86)\1Password 4
2015-08-15 19:14:33 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-15 19:14:33 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-15 19:04:11 ----A---- C:\Windows\system32\MRT.exe
2015-08-15 18:46:05 ----D---- C:\Users\Windows7\AppData\Roaming\Identities
2015-08-09 14:34:49 ----D---- C:\Windows\registration
2015-08-09 13:27:10 ----RASH---- C:\BOOTSECT.BAK
2015-07-29 19:46:43 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-29 19:38:37 ----D---- C:\Windows\Logs
2015-07-25 17:34:03 ----D---- C:\Program Files\CCleaner
2015-07-25 16:48:03 ----SD---- C:\Windows\system32\GWX
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 RapportHades64;RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [2015-07-29 139896]
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-07-29 394584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 RapportCerberus_1507063;RapportCerberus_1507063; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507063.sys [2015-08-20 958232]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-07-29 500088]
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-07-29 489240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-02-17 2153072]
S1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys []
S1 GLogin;GLogin; C:\Windows\system32\drivers\GLogin.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 netr28ux;Sweex Wireless USB Adapter Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2010-07-27 1241952]
S3 NMgamingmsFltr;USB Optical Mouse; C:\Windows\system32\drivers\NMgamingms.sys [2009-07-24 11264]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2011-08-11 694376]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 PasswordBox;PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2014-05-14 67584]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-07-29 2255128]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-02-17 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-02 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
 
-----------------EOF-----------------