E-Peek v 1.0.5.5 © Emphyrio/Onsia Patrick 2013-2014
Downloaded @ [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url]
Run at wo 12 nov 2014 16:01
.
Windows 7 Home Premium SP 1 (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Firefox 31.0 (x86 nl)
Boot mode: Normal boot
User logged in: brian
.
Java x86: 1.8
Java x64: n/a
.
AV : Basis [Updated - Running]
AS : Basis [Updated - Running]
AS : Windows Defender [Updated - Not Running]
FW : Windows firewall
.

==================== Files and Folders history =================================
Folders Created Last 7 days :
11-11-2014 ##### r-h-s-d+a- C:\Users\brian\AppData\Roaming\Soluto
11-11-2014 ##### r-h-s-d+a- C:\ProgramData\Soluto
11-11-2014 ##### r-h-s-d+a- C:\ProgramData\BootRacer
11-11-2014 ##### r-h-s-d+a- C:\Program Files\WinRAR
11-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Evernote
10-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Java
10-11-2014 ##### r-h+s+d+a- C:\$RECYCLE.BIN
09-11-2014 ##### r-h-s-d+a- C:\Users\brian\AppData\Roaming\SUPERAntiSpyware.com
09-11-2014 ##### r-h-s-d+a- C:\Users\brian\AppData\Local\Secunia PSI
09-11-2014 ##### r-h-s-d+a- C:\rsit
09-11-2014 ##### r-h-s-d+a- C:\ProgramData\SUPERAntiSpyware.com
09-11-2014 ##### r-h-s-d+a- C:\ProgramData\F-Secure
09-11-2014 ##### r-h-s-d+a- C:\Program Files\trend micro
09-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\stinger
09-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Secunia
09-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Norton Identity Safe
09-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\nodejs
09-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Internetbeveiliging
09-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
08-11-2014 ##### r-h-s-d+a- C:\Users\brian\AppData\Local\NPE
08-11-2014 ##### r-h-s-d+a- C:\ProgramData\McAfee
08-11-2014 ##### r-h-s-d+a- C:\AdwCleaner
05-11-2014 ##### r-h-s-d+a- C:\Users\brian\AppData\Local\PopcornTimeDesktop
05-11-2014 ##### r-h-s-d+a- C:\ProgramData\give2u
05-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\VideoCnv
05-11-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Popcorn Time

Files Modified Last 7 days :
12-11-2014 01674310 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
12-11-2014 00746786 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
12-11-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe
12-11-2014 00655292 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
12-11-2014 00154236 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
12-11-2014 00122662 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
12-11-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
12-11-2014 00023376 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
12-11-2014 00023376 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
11-11-2014 00028468 r-h-s-d-a+ C:\Windows\system32\lvcoinst.log
10-11-2014 00098216 r-h-s-d-a+ C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
06-11-2014 02800296 r-h-s-d-a+ C:\Windows\system32\nvspcap64.dll
06-11-2014 02197680 r-h-s-d-a+ C:\Windows\SysWOW64\nvspcap.dll
06-11-2014 01715224 r-h-s-d-a+ C:\Windows\system32\nvspbridge64.dll
06-11-2014 01291280 r-h-s-d-a+ C:\Windows\SysWOW64\nvspbridge.dll

Files Created Last 7 days :
11-11-2014 31891784 r-h-s-d-a+ C:\Windows\system32\nvoglv64.dll
11-11-2014 24555208 r-h-s-d-a+ C:\Windows\SysWOW64\nvoglv32.dll
11-11-2014 20923712 r-h-s-d-a+ C:\Windows\system32\nvcompiler.dll
11-11-2014 19966344 r-h-s-d-a+ C:\Windows\system32\nvd3dumx.dll
11-11-2014 17259848 r-h-s-d-a+ C:\Windows\SysWOW64\nvcompiler.dll
11-11-2014 14031448 r-h-s-d-a+ C:\Windows\system32\nvopencl.dll
11-11-2014 13943904 r-h-s-d-a+ C:\Windows\system32\nvcuda.dll
11-11-2014 11397208 r-h-s-d-a+ C:\Windows\SysWOW64\nvopencl.dll
11-11-2014 11335408 r-h-s-d-a+ C:\Windows\SysWOW64\nvcuda.dll
11-11-2014 04289168 r-h-s-d-a+ C:\Windows\system32\nvcuvid.dll
11-11-2014 04009672 r-h-s-d-a+ C:\Windows\SysWOW64\nvcuvid.dll
11-11-2014 02849736 r-h-s-d-a+ C:\Windows\SysWOW64\nvapi.dll
11-11-2014 02401112 r-h-s-d-a+ C:\Windows\system32\D3DX9_43.dll
11-11-2014 01998168 r-h-s-d-a+ C:\Windows\SysWOW64\D3DX9_43.dll
11-11-2014 01876296 r-h-s-d-a+ C:\Windows\system32\nvdispco6434465.dll
11-11-2014 01539272 r-h-s-d-a+ C:\Windows\system32\nvdispgenco6434465.dll
11-11-2014 00962704 r-h-s-d-a+ C:\Windows\system32\NvIFR64.dll
11-11-2014 00934216 r-h-s-d-a+ C:\Windows\system32\NvFBC64.dll
11-11-2014 00922256 r-h-s-d-a+ C:\Windows\SysWOW64\NvIFR.dll
11-11-2014 00898192 r-h-s-d-a+ C:\Windows\SysWOW64\NvFBC.dll
11-11-2014 00870624 r-h-s-d-a+ C:\Windows\SysWOW64\nvumdshim.dll
11-11-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe
11-11-2014 00615568 r-h-s-d-a+ C:\Windows\SysWOW64\nvStreaming.exe
11-11-2014 00511328 r-h-s-d-a+ C:\Windows\system32\d3dx10_43.dll
11-11-2014 00501064 r-h-s-d-a+ C:\Windows\system32\nvEncodeAPI64.dll
11-11-2014 00470880 r-h-s-d-a+ C:\Windows\SysWOW64\d3dx10_43.dll
11-11-2014 00417096 r-h-s-d-a+ C:\Windows\SysWOW64\nvEncodeAPI.dll
11-11-2014 00391824 r-h-s-d-a+ C:\Windows\system32\NvIFROpenGL.dll
11-11-2014 00352016 r-h-s-d-a+ C:\Windows\system32\nvoglshim64.dll
11-11-2014 00349504 r-h-s-d-a+ C:\Windows\SysWOW64\NvIFROpenGL.dll
11-11-2014 00303600 r-h-s-d-a+ C:\Windows\SysWOW64\nvoglshim32.dll
11-11-2014 00276832 r-h-s-d-a+ C:\Windows\system32\d3dx11_43.dll
11-11-2014 00248672 r-h-s-d-a+ C:\Windows\SysWOW64\d3dx11_43.dll
11-11-2014 00174856 r-h-s-d-a+ C:\Windows\system32\nvinitx.dll
11-11-2014 00156840 r-h-s-d-a+ C:\Windows\SysWOW64\nvinit.dll
11-11-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
11-11-2014 00032584 r-h-s-d-a+ C:\Windows\SysWOW64\nvaudcap32v.dll
10-11-2014 00098216 r-h-s-d-a+ C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
09-11-2014 00000299 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
09-11-2014 00000004 r-h-s-d-a+ C:\Users\brian\AppData\Roaming\appdataFr2.bin

==================== RUNNING PROCESSES =========================================
[aaHMSvc] -SYSTEM- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe - (ASUSTeK Computer Inc.)
[AiChargerAP] -brian- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe - (ASUSTek Computer Inc.)
[AllShareAgent] -brian- P:\Allshare\AllShare\AllShareAgent.exe - (Samsung Electronics Co., Ltd.)
[AllShareDMS] -SYSTEM- P:\Allshare\AllShare\AllShareDMS\AllShareDMS.exe - (Samsung Electronics Co., Ltd.)
[armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[CCleaner64] -brian- P:\CCleaner\CCleaner64.exe - (Piriform Ltd)
[conhost] -NETWORK SERVICE- C:\Windows\system32\conhost.exe - (Microsoft Corporation)
[conhost] -SYSTEM- C:\Windows\system32\conhost.exe - (Microsoft Corporation)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[dwm] -brian- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)
[E-Peek 1.0.5] -brian- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
[explorer] -brian- C:\Windows\Explorer.EXE - (Microsoft Corporation)
[firefox] -brian- P:\Firefox\firefox.exe - (Mozilla Corporation)
[FlashPlayerPlugin_15_0_0_223] -brian- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe - (Adobe Systems, Inc.)
[FlashPlayerPlugin_15_0_0_223] -brian- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe - (Adobe Systems, Inc.)
[fsgadget] -brian- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Gadget\fsgadget.exe - ()
[fsgk32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE - (F-Secure Corporation)
[FSHDLL64] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSHDLL64.EXE - (F-Secure Corporation)
[fshoster32] -brian- C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe - (F-Secure Corporation)
[fshoster32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe - (F-Secure Corporation)
[FSM32] -brian- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE - (F-Secure Corporation)
[FSMA32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE - (F-Secure Corporation)
[fsorsp] -NETWORK SERVICE- C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe - (F-Secure Corporation)
[fssm32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe - (F-Secure Corporation)
[GfExperienceService] -SYSTEM- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe - (NVIDIA Corporation)
[GoogleUpdate] -SYSTEM- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - (Google Inc.)
[HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
[HPNetworkCommunicatorCom] -brian- C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe - (Hewlett-Packard Co.)
[IAStorDataMgrSvc] -SYSTEM- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - (Intel Corporation)
[IAStorIcon] -brian- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe - (Intel Corporation)
[iusb3mon] -brian- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - (Intel Corporation)
[Jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
[KiesTrayAgent] -brian- P:\Kies\Kies\KiesTrayAgent.exe - (Samsung Electronics Co., Ltd.)
[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
[lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
[lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)
[LWS] -brian- P:\Logitech\LWS\Webcam Software\LWS.exe - (Logitech Inc.)
[NvBackend] -brian- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe - (NVIDIA Corporation)
[NvNetworkService] -SYSTEM- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe - (NVIDIA Corporation)
[nvSCPAPISvr] -SYSTEM- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - (NVIDIA Corporation)
[nvstreamsvc] -NETWORK SERVICE- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe - (NVIDIA Corporation)
[nvstreamsvc] -SYSTEM- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe - (NVIDIA Corporation)
[nvstreamsvc] -SYSTEM- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe - (NVIDIA Corporation)
[nvtray] -brian- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[nvxdsync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)
[plugin-container] -brian- P:\Firefox\plugin-container.exe - (Mozilla Corporation)
[PrivacyIconClient] -brian- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe - (Intel Corporation)
[psi_tray] -brian- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe - (Secunia)
[psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia)
[ReflectService] -SYSTEM- P:\Macrium Reflect\ReflectService.exe - (Paramount Software UK Ltd)
[RtkNGUI64] -brian- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - (Realtek Semiconductor)
[rundll32] -brian- C:\Windows\system32\RunDll32.exe - (Microsoft Corporation)
[ScanToPCActivationApp] -brian- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe - (Hewlett-Packard Co.)
[SearchFilterHost] -SYSTEM- C:\Windows\system32\SearchFilterHost.exe - (Microsoft Corporation)
[SearchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[SearchProtocolHost] -SYSTEM- C:\Windows\system32\SearchProtocolHost.exe - (Microsoft Corporation)
[services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation)
[sidebar] -brian- C:\Program Files\Windows Sidebar\sidebar.exe - (Microsoft Corporation)
[smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)
[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
[taskeng] -SYSTEM- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskhost] -brian- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)
[taskmgr] -brian- C:\Windows\system32\taskmgr.exe - (Microsoft Corporation)
[TeamViewer] -brian- P:\Teamviewer\TeamViewer.exe - (TeamViewer GmbH)
[TeamViewer_Service] -SYSTEM- P:\Teamviewer\TeamViewer_Service.exe - (TeamViewer GmbH)
[tv_w32] -SYSTEM- P:\Teamviewer\tv_w32.exe - (TeamViewer GmbH)
[tv_x64] -SYSTEM- P:\Teamviewer\tv_x64.exe - (TeamViewer GmbH)
[U3BoostSvr64] -brian- C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe - (ASUSTeK Computer Inc.)
[Updater] -SYSTEM- C:\Program Files (x86)\Popcorn Time\Updater.exe - (Company)
[WinBar] -brian- P:\Winbar\WinBar.exe - (The WinBar Team)
[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)
[WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.)
[WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[WmiPrvSE] -SYSTEM- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)

==================== IE PAGES ==================================================
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.google.nl/
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE04 - HKCU\..\SearchScopes {2DB6C3E7-7108-480E-94A7-7858CD3738A1} @ DisplayName: [Google] @ URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}
IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.google.nl/
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE04 x64 - HKCU\..\SearchScopes {2DB6C3E7-7108-480E-94A7-7858CD3738A1} @ DisplayName: [Google] @ URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}
IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE12 - HKLM\..\Toolbar{A13C2648-91D4-4bf3-BC6D-0079707C4389} @ Default = C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll

==================== Auto Load =================================================
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = c:\windows\system32\userinit.exe
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = Explorer.exe

==================== Firefox ===================================================
FF - ProfilePath - C:\Users\brian\AppData\Roaming\Mozilla\firefox\Profiles\mieuypfa.default-1415534195062
FF - Ext: [Adblock Plus 2.6.5 ] - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} visible: True active: True
FF - Ext: [Google Translator for Firefox 2.1.0.3m ] - extension - translator@zoli.bod visible: True active: True
FF - Ext: [NoScript 2.6.9.3 ] - extension - {73a6fe31-595d-460b-a920-fcc0f8843232} visible: True active: True
FF - Ext: [Default 33.1 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True
FF - PlugIn: [Adobe® Flash® Player 15.0.0.223 Plugin] - C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
FF - prefs.js: user_pref("browser.startup.homepage", "www.google.nl");
FF - prefs.js: user_pref("keyword.URL", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");

==================== Google Chrome =============================================
GC - Prefpath: C:\Users\brian\AppData\Local\Google\Chrome\User Data\Default\Preferences
GC - Profile Name: B
GC - Homepage:
GC - Default Search Provider:
= Known Disabled Extensions =

==================== Windows Host File =========================================
127.0.0.1 localhost

==================== BHO =======================================================
BHO - [Java(tm) Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO - [Aanmeldhulp voor Microsoft-account] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO - [Evernote extension] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} @ Default = C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = P:\OFFICE~1\Office14\URLREDIR.DLL
BHO - [Java(tm) Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO - [Adblock Plus for IE Browser Helper Object] - {FFCB3198-32F3-4E8B-9539-4324694ED664} @ Default = C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO x64 - [Norton Identity Protection] - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} @ Default = C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll
BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
BHO x64 - [Adblock Plus for IE Browser Helper Object] - {FFCB3198-32F3-4E8B-9539-4324694ED664} @ Default = C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll

==================== Auto Start Programs =======================================
ASP01 - HKLM\..\Run @ Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
ASP01 - HKLM\..\Run @ AllShareAgent = P:\Allshare\AllShare\AllShareAgent.exe
ASP01 - HKLM\..\Run @ ASUS Ai Charger = C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
ASP01 - HKLM\..\Run @ F-Secure Hoster (45123) = "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -app -hosterid:1
ASP01 - HKLM\..\Run @ F-Secure Manager = "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash
ASP01 - HKLM\..\Run @ IMSS = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
ASP01 - HKLM\..\Run @ KiesTrayAgent = P:\Kies\Kies\KiesTrayAgent.exe
ASP01 - HKLM\..\Run @ LWS = P:\Logitech\LWS\Webcam Software\LWS.exe -hide
ASP01 - HKLM\..\Run @ USB3MON = "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
ASP04 - HKCU\..\Run @ CCleaner Monitoring = "P:\CCleaner\CCleaner64.exe" /MONITOR
ASP04 - HKCU\..\Run @ HP Photosmart 5520 series (NET) = "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AH513C60602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
ASP04 - HKCU\..\Run @ Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
ASP04 - HKCU\..\Run @ WinBar (x86) = P:\Winbar\WinBar.exe
ASP01 x64 - HKLM\..\Run @ Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
ASP01 x64 - HKLM\..\Run @ AllShareAgent = P:\Allshare\AllShare\AllShareAgent.exe
ASP01 x64 - HKLM\..\Run @ ASUS Ai Charger = C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
ASP01 x64 - HKLM\..\Run @ F-Secure Hoster (45123) = "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -app -hosterid:1
ASP01 x64 - HKLM\..\Run @ F-Secure Manager = "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash
ASP01 x64 - HKLM\..\Run @ IMSS = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
ASP01 x64 - HKLM\..\Run @ KiesTrayAgent = P:\Kies\Kies\KiesTrayAgent.exe
ASP01 x64 - HKLM\..\Run @ LWS = P:\Logitech\LWS\Webcam Software\LWS.exe -hide
ASP01 x64 - HKLM\..\Run @ USB3MON = "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
ASP04 x64 - HKCU\..\Run @ CCleaner Monitoring = "P:\CCleaner\CCleaner64.exe" /MONITOR
ASP04 x64 - HKCU\..\Run @ HP Photosmart 5520 series (NET) = "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AH513C60602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
ASP04 x64 - HKCU\..\Run @ Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
ASP04 x64 - HKCU\..\Run @ WinBar (x86) = P:\Winbar\WinBar.exe
ASP - Startup - C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - Startup - C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==================== Extra Items IE ============================================
EI02 - Tools - HKLM\..\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a} @ Script = C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
EI04 - App Ext - HKCU\..\Approved Extensions @ {B4F3A835-0E21-4959-BA22-42B3008E02FF} = P:\OFFICE~1\Office14\URLREDIR.DLL
EI04 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
EI04 - App Ext - HKCU\..\Approved Extensions @ {FFCB3198-32F3-4E8B-9539-4324694ED664} = C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
EI02 x64 - Tools - HKLM\..\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a} @ Script = C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {B4F3A835-0E21-4959-BA22-42B3008E02FF} = C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FFCB3198-32F3-4E8B-9539-4324694ED664} = C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll

==================== Internet Default Prefix ===================================
IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

==================== Default Settings IE - DSIE ================================
DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId
DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId

==================== Protocol Hijackers - PH ===================================
PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown
PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

==================== ShellServiceObjectDelayLoad - SSODL =======================
SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

==================== SharedTaskSheduler - STS ==================================
STS x64 - {1984DD45-52CF-49cd-AB77-18F378FEA264} @ FencesShellExt = P:\Fences\Stardock\Fences\FencesMenu64.dll

==================== Extra items - EXT (Torpig/ConduitSearch) ==================
EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Adobe
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Adobe
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Adobe
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [asHmComSvc] - ASUS HM Com Service - c:\program files (x86)\asus\aahm\1.00.22\aahmsvc.exe
SERV - R2 - [fshoster] - F-Secure Dll Hoster - c:\program files (x86)\internetbeveiliging\fshoster32.exe
SERV - R2 - [FSORSPClient] - F-Secure ORSP Client - c:\program files (x86)\internetbeveiliging\apps\ccf_reputation\fsorsp.exe
SERV - R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
SERV - R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
SERV - R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
SERV - R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
SERV - R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
SERV - R2 - [ReflectService.exe] - Macrium Reflect Image Mounting Service - p:\macrium reflect\reflectservice.exe
SERV - R2 - [SamsungAllShareV2.0] - Samsung AllShare PC - p:\allshare\allshare\allsharedms\allsharedms.exe
SERV - R2 - [Secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe
SERV - R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
SERV - R2 - [TeamViewer9] - TeamViewer 9 - p:\teamviewer\teamviewer_service.exe
SERV - R2 - [Update service] - Update service - c:\program files (x86)\popcorn time\updater.exe
SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R3 - [FSMA] - F-Secure Management Agent - c:\program files (x86)\internetbeveiliging\apps\computersecurity\common\fsma32.exe
SERV - R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - S2 - [AsusFanControlService] - AsusFanControlService - c:\program files (x86)\asus\asusfancontrolservice\1.02.24\asusfancontrolservice.exe
SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
SERV - S2 - [fa6789c5] - VideoCnv - (x86)\videocnv\zet.dll [x]
SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S2 - [Secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [SimpleSlideShowServer] - SimpleSlideShowServer - p:\allshare\allshare\allshareslideshowservice.exe
SERV - S3 - [SNMPTRAP] - 
SNMP Trap - c:\windows\system32\snmptrap.exe SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe SERV - S4 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\1.01.02\atkexcomsvc.exe SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe SERV - S4 - [SkypeUpdate] - Skype Updater - p:\skype\updater\updater.exe *** Win32ShareProcess *** SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - 
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe SERV - S4 - [ASGT] - ASGT - c:\windows\syswow64\asgt.exe *** File System Driver *** DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x] DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys DRV - R0 - [fsbts] - fsbts - C:\Windows\system32\Drivers\fsbts.sys DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys DRV - R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys DRV - R0 - [iaStorF] - iaStorF - C:\Windows\system32\Drivers\iaStorF.sys DRV - R0 - [iusb3hcs] - Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma - C:\Windows\system32\Drivers\iusb3hcs.sys DRV - R0 - [KSecDD] - 
KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator-stuurprogramma - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys ==================== SvcHost - White Listed ==================================== All Ok WOW - All Ok ==================== SigCheck x86 Fast ========================================= 
Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Job tasks ================================================= There are no .job files found. ==================== End scanning at wo 12 nov 2014 16:01 (0 Min 7 Sec ) =======