E-Peek v 1.9.9.0 ENHANCED 3
© Emphyrio/Onsia Patrick 2013-2015 [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url]
Run at za 30 mei 2015 18:39
.
Windows 8.1 (64 bits)
C:\WINDOWS [NTFS - Fixed]
Default Browser: Firefox 38.0.1 (x86 nl)
Boot mode: Normal boot
User logged in: robin_000
.
Java x86: 1.8
Java x64: n/a
.
AV : Windows Defender [Updated - Not Running]
AV : AVG AntiVirus Free Edition 2015 [Updated - Not Running]
AS : Windows Defender [Updated - Not Running]
AS : AVG AntiVirus Free Edition 2015 [Updated - Not Running]
FW : Windows firewall
.
==================== Files and Folders history =================================
Folders Created Last 7 days :
30-05-2015 ##### r-h-s-d+a- C:\Users\robin_000\AppData\Roaming\E Dev
30-05-2015 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
28-05-2015 ##### r-h-s-d+a- C:\Users\robin_000\AppData\Local\Avg
28-05-2015 ##### r-h-s-d+a- C:\FRST
27-05-2015 ##### r-h-s-d+a- C:\zoek_backup
27-05-2015 ##### r-h-s-d+a- C:\rsit
27-05-2015 ##### r-h-s-d+a- C:\ProgramData\Oracle
27-05-2015 ##### r-h-s-d+a- C:\Program Files\trend micro
27-05-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Mozilla Firefox
27-05-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Java
Files Modified Last 7 days :
30-05-2015 01823174 r-h-s-d-a+ C:\WINDOWS\system32\PerfStringBackup.INI
30-05-2015 00806704 r-h-s-d-a+ C:\WINDOWS\system32\perfh013.dat
30-05-2015 00722476 r-h-s-d-a+ C:\WINDOWS\system32\perfh009.dat
30-05-2015 00162170 r-h-s-d-a+ C:\WINDOWS\system32\perfc013.dat
30-05-2015 00135592 r-h-s-d-a+ C:\WINDOWS\system32\perfc009.dat
28-05-2015 00074703 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mfc45.dll
28-05-2015 00000018 r-h-s-d-a+ C:\WINDOWS\SysWOW64\log.txt
27-05-2015 00097888 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
Files Created Last 7 days :
28-05-2015 00074703 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mfc45.dll
27-05-2015 00097888 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
==================== RUNNING PROCESSES =========================================
[AppleMobileDeviceService] -SYSTEM- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - (Apple Inc.)
[armsvc] -SYSTEM- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[avgcefrend] -robin_000- C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe - (AVG Secure Search)
[avgui] -robin_000- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.)
[avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)
[BCMWLTRY] -SYSTEM- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe - (Broadcom Corporation)
[BTStackServer] -robin_000- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe - (Broadcom Corporation.)
[BTTray] -robin_000- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
[btwdins] -SYSTEM- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - (Broadcom Corporation.)
[CCleaner64] -robin_000- C:\Program Files\CCleaner\CCleaner64.exe - (Piriform Ltd)
[conhost] -SYSTEM- C:\WINDOWS\system32\conhost.exe - (Microsoft Corporation)
[conhost] -SYSTEM- C:\WINDOWS\system32\conhost.exe - (Microsoft Corporation)
[ConnectionPro] -robin_000- C:\Program Files\Sony\VAIO Care\ConnectionPro.exe - (Sony Corporation)
[csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
[csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
[ctfmon] -robin_000- C:\WINDOWS\SysWOW64\ctfmon.exe - (Microsoft Corporation)
[dasHost] -LOCAL SERVICE- C:\WINDOWS\system32\dashost.exe - (Microsoft Corporation)
[dllhost] -LOCAL SERVICE- C:\WINDOWS\system32\DllHost.exe - (Microsoft Corporation)
[dllhost] -LOCAL SERVICE- C:\WINDOWS\SysWOW64\DllHost.exe - (Microsoft Corporation)
[Dropbox] -robin_000- C:\Users\robin_000\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
[DsmUserTask] -robin_000- C:\WINDOWS\system32\DsmUserTask.Exe - (Microsoft Corporation)
[dwm] -DWM-1- C:\WINDOWS\system32\dwm.exe - (Microsoft Corporation)
[E-Peek 1.9.9.0] -robin_000- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
[esrv_svc] -SYSTEM- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe - (Intel Corporation)
[explorer] -robin_000- C:\WINDOWS\Explorer.EXE - (Microsoft Corporation)
[firefox] -robin_000- C:\Program Files (x86)\Mozilla Firefox\firefox.exe - (Mozilla Corporation)
[GamesAppIntegrationService] -SYSTEM- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe - (WildTangent)
[HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
[igfxCUIService] -SYSTEM- C:\WINDOWS\system32\igfxCUIService.exe - (Intel Corporation)
[igfxEM] -robin_000- C:\WINDOWS\system32\igfxEM.exe - (Intel Corporation)
[igfxHK] -robin_000- C:\WINDOWS\system32\igfxHK.exe - (Intel Corporation)
[igfxTray] -robin_000- C:\WINDOWS\system32\igfxTray.exe - (Intel Corporation)
[IntelMeFWService] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe - (Intel Corporation)
[IOLOTO~1] -robin_000- C:\PROGRA~1\Sony\VAIOCA~1\Iolo\IOLOTO~1.EXE - (iolo technologies, LLC)
[iPodService] -SYSTEM- C:\Program Files\iPod\bin\iPodService.exe - (Apple Inc.)
[iTunesHelper] -robin_000- C:\Program Files\iTunes\iTunesHelper.exe - (Apple Inc.)
[Jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
[jusched] -robin_000- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - (Oracle Corporation)
[listener] -robin_000- C:\Program Files\Sony\VAIO Care\listener.exe - ()
[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
[Locator] -NETWORK SERVICE- C:\WINDOWS\system32\locator.exe - (Microsoft Corporation)
[loggingserver] -SYSTEM- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe - ()
[lsass] -SYSTEM- C:\WINDOWS\system32\lsass.exe - (Microsoft Corporation)
[mDNSResponder] -SYSTEM- C:\Program Files\Bonjour\mDNSResponder.exe - (Apple Inc.)
[msfeedssync] -robin_000- C:\WINDOWS\system32\msfeedssync.exe - (Microsoft Corporation)
[msiexec] -SYSTEM- C:\WINDOWS\system32\msiexec.exe - (Microsoft Corporation)
[NetworkClient] -robin_000- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE - (Sony Corporation)
[PMBDeviceInfoProvider] -SYSTEM- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe - (Sony Corporation)
[PMBVolumeWatcher] -robin_000- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe - (Sony Corporation)
[PresentationFontCache] -LOCAL SERVICE- C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)
[RAVBg64] -robin_000- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)
[RIconMan] -SYSTEM- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe - (Realsil Microelectronics Inc.)
[rundll32] -robin_000- C:\WINDOWS\SysWOW64\RunDll32.exe - (Microsoft Corporation)
[SearchFilterHost] -SYSTEM- C:\WINDOWS\system32\SearchFilterHost.exe - (Microsoft Corporation)
[SearchIndexer] -SYSTEM- C:\WINDOWS\system32\SearchIndexer.exe - (Microsoft Corporation)
[SearchProtocolHost] -SYSTEM- C:\WINDOWS\system32\SearchProtocolHost.exe - (Microsoft Corporation)
[services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
[SettingSyncHost] -robin_000- C:\Windows\System32\SettingSyncHost.exe - (Microsoft Corporation)
[smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
[spoolsv] -SYSTEM- C:\WINDOWS\System32\spoolsv.exe - (Microsoft Corporation)
[SUSSoundProxy] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe - (Sony Corporation)
[SynTPEnh] -robin_000- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated)
[SynTPHelper] -robin_000- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE - (Synaptics Incorporated)
[System] -N/A- - (System)
[taskeng] -SYSTEM- C:\WINDOWS\system32\taskeng.exe - (Microsoft Corporation)
[taskhost] -robin_000- C:\WINDOWS\system32\taskhost.exe - (Microsoft Corporation)
[taskhost] -SYSTEM- C:\WINDOWS\system32\taskhost.exe - (Microsoft Corporation)
[taskhostex] -robin_000- C:\WINDOWS\system32\taskhostex.exe - (Microsoft Corporation)
[ToolbarUpdater] -SYSTEM- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe - (AVG Secure Search)
[UNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - (Intel Corporation)
[unsecapp] -robin_000- C:\WINDOWS\system32\wbem\unsecapp.exe - (Microsoft Corporation)
[VAIOUpdt] -robin_000- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe - (Sony Corporation)
[VCAdmin] -robin_000- C:\Program Files\Sony\VAIO Care\VCAdmin.exe - (Sony Corporation)
[VCAgent] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCAgent.exe - (Sony Corporation)
[VCPerfService] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCPerfService.exe - (Intel Corporation)
[VCService] -SYSTEM- C:\Program Files\Sony\VAIO Care\VCService.exe - (Sony Corporation)
[VCSystemTray] -robin_000- C:\Program Files\Sony\VAIO Care\VCSystemTray.exe - (Sony Corporation)
[VESMgr] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe - (Sony Corporation)
[VESMgrSub] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe - (Sony Corporation)
[VESMgrSub] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe - (Sony Corporation)
[vim] -robin_000- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe - (Sony Corporation)
[vim] -SYSTEM- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe - (Sony Corporation)
[vprot] -robin_000- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe - ()
[VUAgent] -SYSTEM- C:\Program Files\Sony\VAIO Update\vuagent.exe - (Sony Corporation)
[WerFault] -robin_000- C:\WINDOWS\system32\WerFault.exe - (Microsoft Corporation)
[wininit] -SYSTEM- C:\WINDOWS\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEM- C:\WINDOWS\system32\winlogon.exe - (Microsoft Corporation)
[wlanext] -SYSTEM- C:\WINDOWS\system32\WLANExt.exe - (Microsoft Corporation)
[WLTRAY] -robin_000- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE - (Broadcom Corporation)
[WLTRYSVC] -SYSTEM- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE - (Broadcom Corporation)
[WmiPrvSE] -NETWORK SERVICE- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[WmiPrvSE] -SYSTEM- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[WtuSystemSupport] -SYSTEM- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe - ()
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)
==================== IE PAGES ==================================================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Local Page = C:\Windows\SysWOW64\blank.htm
Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
DisplayName = @ieframe.dll,-12512
URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
==================== IE PAGES x64 ==============================================
HKLM\Software\Microsoft\Internet Explorer\Main
Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Local Page = C:\Windows\System32\blank.htm
Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\SearchScopes
DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
DisplayName = @ieframe.dll,-12512
URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
==================== Auto Load =================================================
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = userinit.exe
Shell = explorer.exe
==================== Auto Load x64 =============================================
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\Windows\system32\userinit.exe,
Shell = explorer.exe
==================== Browsers present ==========================================
FIREFOX.EXE
IEXPLORE.EXE
==================== Firefox ===================================================
FF - ProfilePath - C:\Users\robin_000\AppData\Roaming\Mozilla\firefox\Profiles\dfyyiebj.default
FF - Ext: [AVG Web TuneUp 4.1.0.411 ] - extension - avg@toolbar [ visible: True # active: False]
FF - Ext: [Default 38.0.1 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} [ visible: True # active: True]
FF - Search: [Bing] - C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml [ hidden: False]
FF - Search: [bol.com] - C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bolcom-nl.xml [ hidden: False]
FF - Search: [DuckDuckGo] - C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml [ hidden: False]
FF - Search: [Google] - C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml [ hidden: False]
FF - Search: [Marktplaats.nl] - C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\marktplaats-nl.xml [ hidden: False]
FF - Search: [Wikipedia (nl)] - C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-nl.xml [ hidden: False]
FF - PlugIn: [Adobe® Flash® Player 17.0.0.169 Plugin] - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
FF - PlugIn: [Java™ Deployment Toolkit] - C:\WINDOWS\system32\npDeployJava1.dll
FF - PlugIn: [Ag Player] - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
FF - PlugIn: [Microsoft SharePoint Plug-in for Firefox] - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL
FF - prefs.js: user_pref("browser.startup.homepage", "hxxps://www.google.nl/?gws_rd=ssl");
==================== Windows Host File =========================================
==================== BHO =======================================================
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} Default = Adobe PDF Link Helper
=> HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InProcServer32 Default = c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper
=> HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
{95B7759C-8C7F-4BF1-B163-73684A933233}
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Default = AVG Web TuneUp
=> HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\InProcServer32 Default = C:\Program Files (x86)\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Default = Microsoft SkyDrive Pro Browser Helper
=> HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\InProcServer32 Default = C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9}
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper
=> HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
==================== BHO x64 ===================================================
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Default = Lync Browser Helper
=> HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\InProcServer32 Default = C:\Program Files\Microsoft Office\Office15\OCHelper.dll
{95B7759C-8C7F-4BF1-B163-73684A933233}
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Default = AVG Web TuneUp
=> HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\InProcServer32 Default = C:\Program Files\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll
==================== Auto Start Programs =======================================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Adobe ARM = "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
Intel AppUp(R) center = "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
PMBVolumeWatcher = C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
vProt = "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
==================== Auto Start Programs x64 ===================================
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Bluetooth = C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe
Broadcom Wireless Manager UI = C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
IgfxTray = C:\Windows\system32\igfxtray.exe
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
Logitech Download Assistant = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
RtHDVBg = "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
Bluetooth = 2
Broadcom Wireless Manager UI = 2
HotKeysCmds = 3
IgfxTray = 2
iTunesHelper = 2
Logitech Download Assistant = 2
Persistence = 3
RtHDVBg = 2
SynTPEnh = 6
Adobe ARM = 3
AVG_UI = 2
Intel AppUp(R) center = 2
iTunesHelper = 3
mcpltui_exe = 2
mcui_exe = 3
PMBVolumeWatcher = 2
vProt = 2
McAfee Parental Controls.lnk = 2
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Startup - C:\Users\robin_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
==================== Extra Items IE ============================================
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
==================== Extra Items IE x64 ========================================
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
==================== Internet Default Prefix ===================================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
Default = http://
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
WWW = http://
==================== Internet Default Prefix x64 ===============================
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
Default = http://
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
WWW = http://
==================== Protocol Hijackers ========================================
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\osf
CLSID = {D924BDC6-C83A-4BD5-90D0-095128A113D1}
=> SOFTWARE\Classes\\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL # MD5 [e735e207423b5abfcebf86fe5cc0a30b]
HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
CLSID = {807583E5-5146-11D5-A672-00B0D022E945}
=> SOFTWARE\Classes\\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown
==================== Protocol Hijackers x64 ====================================
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\osf
CLSID = {D924BDC6-C83A-4BD5-90D0-095128A113D1}
=> SOFTWARE\Classes\\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1}\InProcServer32 @ Default = Unknown # C:\Program Files\Microsoft Office\Office15\MSOSB.DLL # MD5 [59ac63d95071da4b8f1f5a9277b7f4fe]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
CLSID = {807583E5-5146-11D5-A672-00B0D022E945}
=> SOFTWARE\Classes\\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown
==================== ShellServiceObjectDelayLoad ===============================
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
=> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]
==================== ShellServiceObjectDelayLoad x64 =========================
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
=> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]
==================== Extra (Torpig/ConduitSearch) ==============================
HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
=> HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\WINDOWS\system32\shell32.dll
HKCR\Directory\shellex\CopyHookHandlers\Monitor @ Default = {7842554E-6BED-11D2-8CDB-B05550C10000}
=> HKCR\CLSID\{7842554E-6BED-11D2-8CDB-B05550C10000}\InProcServer32 @ Default = C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
=> HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\WINDOWS\system32\ntshrui.dll
==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
SERV - R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe
SERV - R2 - [btwdins] - Bluetooth Service - c:\program files\widcomm\bluetooth software\btwdins.exe
SERV - R2 - [GamesAppIntegrationService] - GamesAppIntegrationService - c:\program files (x86)\wildtangent games\app\gamesappintegrationservice.exe
SERV - R2 - [IconMan_R] - IconMan_R - c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe
SERV - R2 - [igfxCUIService1.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe
SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
SERV - R2 - [PMBDeviceInfoProvider] - PMBDeviceInfoProvider - c:\program files (x86)\sony\playmemories home\pmbdeviceinfoprovider.exe
SERV - R2 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - R2 - [SampleCollector] - Intel(R) System Behavior Tracker Collector Service - c:\program files\sony\vaio care\vcperfservice.exe
SERV - R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
SERV - R2 - [VAIO Event Service] - VAIO Event Service - c:\program files (x86)\sony\vaio control center\vesmgr.exe
SERV - R2 - [vToolbarUpdater18.4.0] - vToolbarUpdater18.4.0 - c:\program files (x86)\common files\avg secure search\vtoolbarupdater\18.4.0\toolbarupdater.exe
SERV - R2 - [wltrysvc] - Broadcom Wireless LAN Tray Service - c:\program files\broadcom\broadcom 802.11 network adapter\wltrysvc.exe c:\program files\broadcom\broadcom 802.11 network adapter\bcmwltry.exe [x]
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R2 - [WtuSystemSupport] - WtuSystemSupport - c:\program files (x86)\avg web tuneup\wtusystemsupport.exe
SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
SERV - R3 - [iPod Service] - iPod-service - c:\program files\ipod\bin\ipodservice.exe
SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - R3 - [VCService] - VCService - c:\program files\sony\vaio care\vcservice.exe
SERV - R3 - [VUAgent] - VUAgent - c:\program files\sony\vaio update\vuagent.exe
SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
SERV - S2 - [BcmBtRSupport] - Bluetooth Driver Management Service - c:\windows\system32\btwrsupportservice.exe
SERV - S2 - [Service KMSELDI] - Service KMSELDI - c:\program files\kmspico\service_kms.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
SERV - S2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe
SERV - S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [McComponentHostServiceSony] - McAfee Security Scan Component Host Service for Sony - c:\program files (x86)\sony\mss\3.8.130\mcchsvc.exe
SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [NetworkSupport] - NetworkSupport - c:\program files (x86)\sony\vaio control center\networksetting\networksupport.exe
SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [SOHCImp] - VAIO Content Importer - c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe
SERV - S3 - [SOHDms] - VAIO Digital Media Server - c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe
SERV - S3 - [SOHDs] - VAIO Device Searcher - c:\program files (x86)\common files\sony shared\sohlib\sohds.exe
SERV - S3 - [SpfService] - VAIO Entertainment Common Service - c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [USER_ESRV_SVC] - User Energy Server Service - c:\program files\sony\vaio care\esrv\esrv_svc.exe
SERV - S3 - [VAIO Power Management] - VAIO Power Management - c:\program files\sony\vaio power management\spmservice.exe
SERV - S3 - [VCFw] - VAIO Content Folder Watcher - c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
*** Win32ShareProcess ***
SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe
*** File System Driver ***
DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\WINDOWS\system32\Drivers\AVGIDSHA.sys
DRV - R0 - [Avgloga] - AVG Logging Driver - C:\WINDOWS\system32\Drivers\Avgloga.sys
DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\WINDOWS\system32\Drivers\Avgmfx64.sys
DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\WINDOWS\system32\Drivers\Avgrkx64.sys
DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
DRV - R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\WINDOWS\system32\Drivers\srv.sys
DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\WINDOWS\system32\Drivers\srv2.sys
*** Kernel Driver ***
DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\WINDOWS\system32\Drivers\ACPI.sys
DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
DRV - R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\WINDOWS\system32\Drivers\disk.sys
DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\WINDOWS\system32\Drivers\fvevol.sys
DRV - R0 - [iaStorA] - iaStorA - C:\WINDOWS\system32\Drivers\iaStorA.sys
DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\WINDOWS\system32\Drivers\intelpep.sys
DRV - R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
DRV - R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
DRV - R0 - [mountmgr] - Mount Point Manager - C:\WINDOWS\system32\Drivers\mountmgr.sys
DRV - R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS System Driver - C:\WINDOWS\system32\Drivers\NDIS.sys
DRV - R0 - [partmgr] - Partition Manager - C:\WINDOWS\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\WINDOWS\system32\Drivers\pci.sys
DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
DRV - R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
DRV - R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\WINDOWS\system32\Drivers\spaceport.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\WINDOWS\system32\Drivers\Tcpip.sys
DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\WINDOWS\system32\Drivers\vdrvroot.sys
DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\WINDOWS\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\WINDOWS\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\WINDOWS\system32\Drivers\volsnap.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\WINDOWS\system32\Drivers\Wdf01000.sys
DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
DRV - R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\WINDOWS\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
DRV - S0 - [Avgboota] - AVG Early Launch Anti-Malware Driver - C:\WINDOWS\system32\Drivers\Avgboota.sys
DRV - S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
DRV - S3 - [atapi] - IDE-kanaal - C:\WINDOWS\system32\Drivers\atapi.sys
==================== SvcHost - White Listed ====================================
WOW x64 - All Ok
==================== SvcHost x64 - White Listed ================================
All Ok
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== SigCheck x64 Fast =========================================
Fast Scan All ok
==================== Job tasks at C:\WINDOWS\Tasks =============================
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 940 bytes [ 2-3-2015 21:08:18 ]
C:\WINDOWS\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]
C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 264 bytes [ 18-11-2014 22:12:19 ]
==================== Job tasks at C:\WINDOWS\system32\Tasks ====================
C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 3828 bytes [ 2-3-2015 21:08:18 ] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\Tasks\Adobe-online actualiseringsprogramma 3694 bytes [ 27-3-2015 09:58:15 ] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\Tasks\AutoPico Daily Restart 3708 bytes [ 7-7-2014 20:30:59 ] => "C:\Program Files\KMSpico\AutoPico.exe"
C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2780 bytes [ 17-10-2014 17:24:04 ] => "C:\Program Files\CCleaner\CCleaner.exe"
C:\WINDOWS\system32\Tasks\CLVDLauncher 3160 bytes [ 6-10-2013 21:40:12 ] => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe
C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 3554 bytes [ 29-4-2014 21:09:56 ] => C:\Windows\BrowserChoice\browserchoice.exe
C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3636894022-4057739004-481170259-1001 3596 bytes [ 1-2-2014 14:21:18 ]
C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache 
Files-S-1-5-21-3636894022-4057739004-481170259-1006 3598 bytes [ 10-3-2015 21:09:48 ] C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements 2986 bytes [ 6-10-2013 21:11:34 ] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\Tasks\USER_ESRV_SVC 3134 bytes [ 28-2-2015 09:37:25 ] => "C:\WINDOWS\System32\Wscript.exe" C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4A6BF3A6-EDE9-4922-B7C9-72F80112F223} 3974 bytes [ 10-3-2015 21:07:55 ] => C:\WINDOWS\system32\msfeedssync.exe C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A94EF16E-1A32-45A0-914A-66DDA89BA630} 3966 bytes [ 11-12-2014 21:57:53 ] => C:\WINDOWS\system32\msfeedssync.exe ==================== Job tasks at C:\WINDOWS\SysWOW64\Tasks ==================== There are no .job files found. ==================== End scanning at za 30 mei 2015 18:40 (0 Min 53 Sec ) ======