E-Peek v 1.0.5.5 © Emphyrio/Onsia Patrick 2013-2014
Downloaded @ [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url]
Run at ma 17 nov 2014 00:32
.
Windows Vista Home Premium SP 2 (32 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Internet Explorer
Boot mode: Normal boot
User logged in: mebec
.
Java x86: n/a
.
AV : Microsoft Security Essentials [Updated - Running]
AS : Microsoft Security Essentials [Updated - Running]
AS : Windows Defender [Updated - Not Running]
FW : Windows firewall
.
==================== Files and Folders history =================================
Folders Created Last 7 days :
16-11-2014 ##### r-h-s-d+a- C:\rsit
16-11-2014 ##### r-h-s-d+a- C:\Program Files\Malwarebytes Anti-Malware
16-11-2014 ##### r-h-s-d+a- C:\Program Files\E Dev
16-11-2014 ##### r-h-s-d+a- C:\AdwCleaner
Files Modified Last 7 days :
17-11-2014 00003168 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
17-11-2014 00003168 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
12-11-2014 100445232 r-h-s-d-a+ C:\Windows\system32\mrt.exe
12-11-2014 01617984 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
12-11-2014 00721148 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
12-11-2014 00701104 r-h-s-d-a+ C:\Windows\system32\FlashPlayerApp.exe
12-11-2014 00634018 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
12-11-2014 00230488 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT
12-11-2014 00150098 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
12-11-2014 00119584 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
12-11-2014 00071344 r-h-s-d-a+ C:\Windows\system32\FlashPlayerCPLApp.cpl
Files Created Last 7 days :
16-11-2014 00000103 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
12-11-2014 02054656 r-h-s-d-a+ C:\Windows\system32\win32k.sys
12-11-2014 01259008 r-h-s-d-a+ C:\Windows\system32\lsasrv.dll
12-11-2014 01249280 r-h-s-d-a+ C:\Windows\system32\msxml3.dll
12-11-2014 00729600 r-h-s-d-a+ C:\Windows\system32\IMJP10K.DLL
12-11-2014 00619520 r-h-s-d-a+ C:\Windows\system32\adtschema.dll
12-11-2014 00564224 r-h-s-d-a+ C:\Windows\system32\oleaut32.dll
12-11-2014 00449536 r-h-s-d-a+ C:\Windows\system32\termsrv.dll
12-11-2014 00396800 r-h-s-d-a+ C:\Windows\system32\AudioEng.dll
12-11-2014 00316928 r-h-s-d-a+ C:\Windows\system32\audiosrv.dll
12-11-2014 00278528 r-h-s-d-a+ C:\Windows\system32\schannel.dll
12-11-2014 00274432 r-h-s-d-a+ C:\Windows\system32\AUDIOKSE.dll
12-11-2014 00170496 r-h-s-d-a+ C:\Windows\system32\EncDump.dll
12-11-2014 00146432 r-h-s-d-a+ C:\Windows\system32\msaudite.dll
12-11-2014 00067072 r-h-s-d-a+ C:\Windows\system32\packager.dll
12-11-2014 00002048 r-h-s-d-a+ C:\Windows\system32\msxml3r.dll
11-11-2014 12366848 r-h-s-d-a+ C:\Windows\system32\mshtml.dll
11-11-2014 09739776 r-h-s-d-a+ C:\Windows\system32\ieframe.dll
11-11-2014 02382848 r-h-s-d-a+ C:\Windows\system32\mshtml.tlb
11-11-2014 01810944 r-h-s-d-a+ C:\Windows\system32\jscript9.dll
11-11-2014 01802752 r-h-s-d-a+ C:\Windows\system32\iertutil.dll
11-11-2014 01427968 r-h-s-d-a+ C:\Windows\system32\inetcpl.cpl
11-11-2014 01139712 r-h-s-d-a+ C:\Windows\system32\urlmon.dll
11-11-2014 01129472 r-h-s-d-a+ C:\Windows\system32\wininet.dll
11-11-2014 00717824 r-h-s-d-a+ C:\Windows\system32\jscript.dll
11-11-2014 00607744 r-h-s-d-a+ C:\Windows\system32\msfeeds.dll
11-11-2014 00421376 r-h-s-d-a+ C:\Windows\system32\vbscript.dll
11-11-2014 00353792 r-h-s-d-a+ C:\Windows\system32\dxtmsft.dll
11-11-2014 00231936 r-h-s-d-a+ C:\Windows\system32\url.dll
11-11-2014 00223232 r-h-s-d-a+ C:\Windows\system32\dxtrans.dll
11-11-2014 00176640 r-h-s-d-a+ C:\Windows\system32\ieui.dll
11-11-2014 00142848 r-h-s-d-a+ C:\Windows\system32\ieUnatt.exe
11-11-2014 00073216 r-h-s-d-a+ C:\Windows\system32\mshtmled.dll
11-11-2014 00065536 r-h-s-d-a+ C:\Windows\system32\jsproxy.dll
11-11-2014 00041472 r-h-s-d-a+ C:\Windows\system32\msfeedsbs.dll
11-11-2014 00011776 r-h-s-d-a+ C:\Windows\system32\mshta.exe
11-11-2014 00010752 r-h-s-d-a+ C:\Windows\system32\msfeedssync.exe
==================== RUNNING PROCESSES =========================================
[AdobeARM] -mebec- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - (Adobe Systems Incorporated)
[armsvc] -SYSTEEM- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[Ati2evxx] -SYSTEEM- C:\Windows\system32\Ati2evxx.exe - (ATI Technologies Inc.)
[CCleaner] -mebec- C:\Program Files\CCleaner\CCleaner.exe - (Piriform Ltd)
[CLI] -mebec- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe - (ATI Technologies Inc.)
[CLI] -mebec- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe - (ATI Technologies Inc.)
[CLI] -mebec- C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE - (ATI Technologies Inc.)
[conime] -mebec- C:\Windows\system32\conime.exe - (Microsoft Corporation)
[csrss] -SYSTEEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[csrss] -SYSTEEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[dwm] -mebec- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)
[eDSloader] -mebec- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe - (HiTRUST)
[E-Peek 1.0.5] -mebec- C:\Program Files\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
[eRecoveryService] -SYSTEEM- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe - (Acer Inc.)
[explorer] -mebec- C:\Windows\Explorer.EXE - (Microsoft Corporation)
[FlashUtil32_15_0_0_223_ActiveX] -mebec- C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe - (Adobe Systems Incorporated)
[iexplore] -mebec- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)
[iexplore] -mebec- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)
[iexplore] -mebec- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)
[lsass] -SYSTEEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
[lsm] -SYSTEEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)
[LSSrvc] -SYSTEEM- C:\Program Files\Common Files\LightScribe\LSSrvc.exe - (Hewlett-Packard Company)
[mbamscheduler] -SYSTEEM- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe - (Malwarebytes Corporation)
[MemCheck] -SYSTEEM- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe - ()
[mobsync] -mebec- C:\Windows\System32\mobsync.exe - (Microsoft Corporation)
[msiexec] -SYSTEEM- C:\Windows\system32\msiexec.exe - (Microsoft Corporation)
[MsMpEng] -SYSTEEM- C:\Program Files\Microsoft Security Client\MsMpEng.exe - (Microsoft Corporation)
[msseces] -mebec- C:\Program Files\Microsoft Security Client\msseces.exe - (Microsoft Corporation)
[nvSCPAPISvr] -SYSTEEM- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - (NVIDIA Corporation)
[nvtray] -mebec- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[nvxdsync] -SYSTEEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)
[RichVideo] -SYSTEEM- C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ()
[RtHDVCpl] -mebec- C:\Windows\RtHDVCpl.exe - (Realtek Semiconductor)
[SearchFilterHost] -SYSTEEM- C:\Windows\system32\SearchFilterHost.exe - (Microsoft Corporation)
[SearchIndexer] -SYSTEEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[SearchProtocolHost] -SYSTEEM- C:\Windows\system32\SearchProtocolHost.exe - (Microsoft Corporation)
[services] -SYSTEEM- C:\Windows\system32\services.exe - (Microsoft Corporation)
[SLsvc] -NETWORK SERVICE- C:\Windows\system32\SLsvc.exe - (Microsoft Corporation)
[smss] -SYSTEEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)
[spoolsv] -SYSTEEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
[SysMonitor] -mebec- C:\Windows\System32\SysMonitor.exe - ()
[taskeng] -mebec- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskeng] -mebec- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskeng] -SYSTEEM- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[wininit] -SYSTEEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
[wmpnscfg] -mebec- C:\Program Files\Windows Media Player\wmpnscfg.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)
==================== IE PAGES ==================================================
IE01 - HKCU\Software\Microsoft\Internet Explorer\Toolbar @ LinksFolderName = Links
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://mebec.weblinker.nl/
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Lasaoren] @ URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_secureddownload_14_38_ie&cd=2XzuyEtN2Y1L1QzutDtDtCzy0D0BtAyD0Czzzzzy0AzyyCtDtN0D0Tzu0SzyzyyDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtA0C0CyDtDtDyBtG0FzytDtBtGtByDyEtBtG0FyEyD0DtGyDtD0C0CtD0F0DyD0FyD0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtBzz0F0BtB0FzztGyDtD0B0AtGyE0Fzz0AtG0A0CyE0CtG0BtDyDtAzz0E0AzyyByE0A0F2Q&cr=105146714&ir=
IE04 - HKCU\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE04 - HKCU\..\SearchScopes {A25AC313-DD19-4238-ACA2-401D6BEE4321} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\system32\ieframe.dll
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.msn.com/?pc=MSSE
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Lasaoren] @ URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_secureddownload_14_38_ie&cd=2XzuyEtN2Y1L1QzutDtDtCzy0D0BtAyD0Czzzzzy0AzyyCtDtN0D0Tzu0SzyzyyDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtA0C0CyDtDtDyBtG0FzytDtBtGtByDyEtBtG0FyEyD0DtGyDtD0C0CtD0F0DyD0FyD0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtBzz0F0BtB0FzztGyDtD0B0AtGyE0Fzz0AtG0A0CyE0CtG0BtDyDtAzz0E0AzyyByE0A0F2Q&cr=105146714&ir=
IE10 - HKLM\..\SearchScopes {A25AC313-DD19-4238-ACA2-401D6BEE4321} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE12 - HKLM\..\Toolbar{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} @ Default = C:\Windows\system32\eDStoolbar.dll
==================== Auto Load =================================================
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = Explorer.exe
==================== Windows Host File =========================================
127.0.0.1 localhost
::1 localhost
==================== Auto Start Programs =======================================
ASP01 - HKLM\..\Run @ Acer Empowering Technology Monitor = C:\Windows\system32\SysMonitor.exe
ASP01 - HKLM\..\Run @ Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
ASP01 - HKLM\..\Run @ ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
ASP01 - HKLM\..\Run @ eDataSecurity Loader = C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
ASP01 - HKLM\..\Run @ MSC = "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
ASP01 - HKLM\..\Run @ RtHDVCpl = RtHDVCpl.exe
ASP01 - HKLM\..\Run @ WarReg_PopUp = C:\Acer\WR_PopUp\WarReg_PopUp.exe
ASP04 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
ASP04 - HKCU\..\Run @ ISUSPM Startup = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
ASP - Startup - C:\Users\mebec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
==================== Extra Items IE ============================================
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP 1.1 settings
EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
==================== Internet Default Prefix ===================================
IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
==================== Default Settings IE - DSIE ================================
DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/?LinkId
DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId
==================== ShellServiceObjectDelayLoad - SSODL =======================
SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = C:\Windows\System32\webcheck.dll
==================== SharedTaskSheduler - STS ==================================
STS - {8C7461EF-2B13-11d2-BE35-3078302C2030} @ Component Categories cache daemon = C:\Windows\system32\browseui.dll
==================== Extra items - EXT (Torpig/ConduitSearch) ==================
EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Yahoo
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Yahoo
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= shell32.dll
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook @ {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B}= C:\Program Files\FileZilla FTP Client\fzshellext.dll
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= ntshrui.dll
==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [eRecoveryService] - eRecovery Service - c:\acer\empowering technology\erecovery\erecoveryservice.exe
SERV - R2 - [LightScribeService] - LightScribeService Direct Disc Labeling Service - c:\program files\common files\lightscribe\lssrvc.exe
SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\program files\malwarebytes anti-malware\mbamscheduler.exe
SERV - R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe
SERV - R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
SERV - R2 - [slsvc] - Software Licensing - c:\windows\system32\slsvc.exe
SERV - R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing-service - c:\program files\windows media player\wmpnetwk.exe
SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
SERV - S2 - [MBAMService] - MBAMService - c:\program files\malwarebytes anti-malware\mbamservice.exe
SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files\nvidia corporation\nvidia update core\daemonu.exe
SERV - S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway-service - c:\windows\system32\alg.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [DFSR] - DFS Replication - c:\windows\system32\dfsr.exe
SERV - S3 - [ehRecvr] - Windows Media Center Receiver-service - c:\windows\ehome\ehrecvr.exe
SERV - S3 - [ehSched] - Windows Media Center Scheduler-service - c:\windows\ehome\ehsched.exe
SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [NisSrv] - Microsoft Netwerkinspectie - c:\program files\microsoft security client\nissrv.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
SERV - S3 - [WPFFontCache_v0400] - Windows Presentation Foundation-lettertypecache 4.0.0.0 - c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe
SERV - S4 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
*** Win32ShareProcess ***
SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe
SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [AcerMemUsageCheckService] - ePerformance Service - c:\acer\empowering technology\eperformance\memcheck.exe
SERV - R2 - [Ati External Event Utility] - Ati External Event Utility - c:\windows\system32\ati2evxx.exe
SERV - R2 - [RichVideo] - Cyberlink RichVideo Service(CRVS) - c:\program files\cyberlink\shared files\richvideo.exe
SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe
*** File System Driver ***
DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
DRV - R0 - [MpFilter] - Microsoft Malware Protection Driver - C:\Windows\system32\Drivers\MpFilter.sys
DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
DRV - R0 - [PSDFilter] - PSDFilter - C:\Windows\system32\Drivers\PSDFilter.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
DRV - R3 - [srv] - srv - C:\Windows\system32\Drivers\srv.sys
DRV - R3 - [srv2] - srv2 - C:\Windows\system32\Drivers\srv2.sys
*** Kernel Driver ***
DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys
DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys
DRV - R0 - [AtiPcie] - ATI PCI Express (3GIO) Filter - C:\Windows\system32\Drivers\AtiPcie.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
DRV - R0 - [crcdisk] - Crcdisk Filter Driver - C:\Windows\system32\Drivers\crcdisk.sys
DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\disk.sys
DRV - R0 - [Ecache] - ReadyBoost Caching Driver - C:\Windows\system32\Drivers\Ecache.sys
DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
DRV - R0 - [MountMgr] - Mount Point Manager - C:\Windows\system32\Drivers\MountMgr.sys
DRV - R0 - [msisadrv] - ISA/EISA Class-stuurprogramma - C:\Windows\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys
DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
DRV - R0 - [PSDNServ] - PSDNSERVER - C:\Windows\system32\Drivers\PSDNServ.sys
DRV - R0 - [psdvdisk] - psdvdisk - C:\Windows\system32\Drivers\psdvdisk.sys
DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
DRV - R0 - [UBHelper] - UBHelper - C:\Windows\system32\Drivers\UBHelper.sys
DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
DRV - R1 - [AFD] - Ancilliary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
DRV - R1 - [netbt] - netbt - C:\Windows\system32\Drivers\netbt.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
DRV - S3 - [Tcpip6] - Microsoft IPv6-protocolstuurporgramma - C:\Windows\system32\Drivers\Tcpip6.sys [x]
==================== SvcHost - White Listed ====================================
All Ok
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== Job tasks =================================================
There are no .job files found.
==================== End scanning at ma 17 nov 2014 00:33 (1 Min 19 Sec ) ======