Goedemiddag,
Mijn laptop start sinds gisteren niet meer normaal op. Ik krijg steeds een blauw scherm met bovenstaande melding. Ik heb jullie stappenplan opgevolgd en plaats hieronder de logjes. Dit probleem is sinds gisteren nadat ik een document in mail opende dat in Word was opgemaakt. Ik hoop dat iemand mij kan helpen. Alvast bedankt voor het lezen.
AdwCleaner v2.306 - Verslag gemaakt op 08/08/2013 om 14:21:49
# Geactualiseerd op 19/07/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Gerard - MANKO1
# Opstarten Modus : Veillige modus met netwerk
# Gelanceerd vanaf : C:\Users\Gerard\Desktop\adwcleaner.exe
# Optie
***** *****
***** *****
Map Verwijderd : C:\Program Files (x86)\Conduit
Map Verwijderd : C:\ProgramData\IBUpdaterService
Map Verwijderd : C:\Users\Gerard\AppData\LocalLow\Conduit
Map Verwijderd : C:\Users\Gerard\AppData\Roaming\file scout
Map Verwijderd : C:\Users\Gerard\AppData\Roaming\PerformerSoft
***** *****
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijderd : HKCU\Software\Conduit
Sleutel Verwijderd : HKCU\Software\Softonic
Sleutel Verwijderd : HKCU\Software\systweak
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Sleutel Verwijderd : HKLM\Software\Conduit
Sleutel Verwijderd : HKLM\Software\systweak
Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
***** *****
-\\ Internet Explorer v10.0.9200.16635
Het register bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v28.0.1500.95
File : C:\Users\Gerard\AppData\Local\Google\Chrome\User Data\Default\Preferences
De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.08.08.04
Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 10.0.9200.16635
Gerard :: MANKO1
Bescherming: Uitgeschakeld
8-8-2013 14:32:01
mbam-log-2013-08-08 (14-32-01).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 200096
Verstreken tijd: 6 minuut/minuten, 25 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Gerard at 2013-08-08 16:45:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1 GB (1%) free of 122 GB
Total RAM: 4000 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:37, on 8-8-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Gerard.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121009232230.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - “C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll” (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - “C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll” (file missing)
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\ASUS\APRP\APRP.EXE”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe” -app -hosterid:1
O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE” /splash
O4 - HKLM\..\RunOnce: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: “C:\Users\Gerard\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - HKCU\..\Run: “C:\Users\Gerard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
O4 - HKCU\..\Run: “C:\Users\Gerard\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKCU\..\RunOnce: C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
O4 - HKCU\..\RunOnce: C:\AdwCleaner.txt
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 12230 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
“C:\Program Files\Internet Explorer\iexplore.exe”
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:756 CREDAT:209921 /prefetch:2
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe”
C:\Windows\system32\wbem\wmiprvse.exe
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:756 CREDAT:3552301 /prefetch:2
“C:\Users\Gerard\Desktop\RSITx64.exe”
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3408539280-2068026174-2983876654-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3408539280-2068026174-2983876654-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\PC Health Advisor Defrag.job
C:\Windows\tasks\PC Health Advisor.job
======Registry dump======
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121009232230.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121009232230.dll
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“ETDCtrl”=C:\Program Files\Elantech\ETDCtrl.exe
“AmIcoSinglun64”=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
“RtHDVBg”=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
“KiesHelper”=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe
“KiesPDLR”=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
“msnmsgr”=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
“Spotify”=C:\Users\Gerard\AppData\Roaming\Spotify\Spotify.exe
“Spotify Web Helper”=C:\Users\Gerard\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
“Facebook Update”=C:\Users\Gerard\AppData\Local\Facebook\Update\FacebookUpdate.exe
“Skype”=C:\Program Files (x86)\Skype\Phone\Skype.exe
“FlashPlayerUpdate”=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
“Report”=C:\AdwCleaner.txt
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“ASUSPRP”=C:\Program Files (x86)\ASUS\APRP\APRP.EXE
“ASUSWebStorage”=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
“SonicMasterTray”=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
“ATKOSD2”=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
“ATKMEDIA”=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
“HControlUser”=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
“Wireless Console 3”=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
“QuickTime Task”=C:\Program Files (x86)\QuickTime\QTTask.exe
“KiesTrayAgent”=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
“APSDaemon”=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
“iTunesHelper”=C:\Program Files (x86)\iTunes\iTunesHelper.exe
“F-Secure Hoster (45123)”=C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
“F-Secure Manager”=C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
“Malwarebytes Anti-Malware”=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
FancyStart daemon.lnk - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Gerard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Windows\system32\igfxdev.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“DisableTaskMgr”=0
“EnableLinkedConnections”=1
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“NoRun”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“MSVideo8”=VfWWDM32.dll
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux1”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2013-08-08 16:45:33 —-D—- C:\Program Files\trend micro
2013-08-08 16:45:32 —-D—- C:\rsit
2013-08-08 14:40:07 —-D—- C:\Program Files (x86)\ESET
2013-08-08 14:38:24 —-D—- C:\Users\Gerard\AppData\Roaming\ParetoLogic
2013-08-08 14:38:24 —-D—- C:\Users\Gerard\AppData\Roaming\DriverCure
2013-08-08 14:38:12 —-D—- C:\ProgramData\ParetoLogic
2013-08-08 14:38:12 —-D—- C:\Program Files (x86)\ParetoLogic
2013-08-08 14:31:13 —-D—- C:\Users\Gerard\AppData\Roaming\Malwarebytes
2013-08-08 14:31:07 —-D—- C:\ProgramData\Malwarebytes
2013-08-08 14:31:07 —-A—- C:\Windows\system32\drivers\mbam.sys
2013-08-08 14:31:06 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-08 14:21:49 —-A—- C:\AdwCleaner.txt
2013-08-07 19:23:41 —-A—- C:\Windows\ntbtlog.txt
2013-07-16 14:33:48 —-A—- C:\Windows\system32\drivers\fsbts.sys
2013-07-16 14:27:41 —-A—- C:\Windows\SYSWOW64\drivers\fsbts.sys
2013-07-16 14:27:24 —-A—- C:\Windows\prodsett_copy.ini
2013-07-16 14:20:20 —-D—- C:\Windows\Minidump
2013-07-16 14:02:23 —-D—- C:\Program Files (x86)\Internetbeveiliging
2013-07-16 13:59:40 —-D—- C:\ProgramData\F-Secure
2013-07-13 01:01:20 —-A—- C:\Windows\SYSWOW64\ieui.dll
2013-07-13 01:01:19 —-A—- C:\Windows\system32\ieui.dll
2013-07-13 01:01:18 —-A—- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-13 01:01:18 —-A—- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-13 01:01:18 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2013-07-13 01:01:18 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2013-07-13 01:01:18 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2013-07-13 01:01:18 —-A—- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 01:01:18 —-A—- C:\Windows\system32\iesysprep.dll
2013-07-13 01:01:18 —-A—- C:\Windows\system32\iesetup.dll
2013-07-13 01:01:18 —-A—- C:\Windows\system32\iertutil.dll
2013-07-13 01:01:18 —-A—- C:\Windows\system32\iernonce.dll
2013-07-13 01:01:18 —-A—- C:\Windows\system32\ie4uinit.exe
2013-07-13 01:01:17 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-13 01:01:17 —-A—- C:\Windows\system32\msfeeds.dll
2013-07-13 01:01:16 —-A—- C:\Windows\SYSWOW64\jscript.dll
2013-07-13 01:01:16 —-A—- C:\Windows\system32\jscript.dll
2013-07-13 01:01:15 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2013-07-13 01:01:15 —-A—- C:\Windows\system32\jscript9.dll
2013-07-13 01:01:14 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2013-07-13 01:01:14 —-A—- C:\Windows\system32\urlmon.dll
2013-07-13 01:01:12 —-A—- C:\Windows\SYSWOW64\wininet.dll
2013-07-13 01:01:12 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-13 01:01:12 —-A—- C:\Windows\system32\jsproxy.dll
2013-07-13 01:01:11 —-A—- C:\Windows\system32\wininet.dll
2013-07-13 01:01:10 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2013-07-13 01:01:08 —-A—- C:\Windows\system32\ieframe.dll
2013-07-13 01:01:07 —-A—- C:\Windows\system32\mshtml.dll
2013-07-13 01:01:04 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 11:27:35 —-A—- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 11:27:35 —-A—- C:\Windows\system32\qedit.dll
2013-07-11 11:27:33 —-A—- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 11:27:33 —-A—- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 11:27:27 —-A—- C:\Windows\system32\win32k.sys
2013-07-11 11:27:18 —-A—- C:\Windows\system32\DWrite.dll
2013-07-11 11:27:17 —-A—- C:\Windows\SYSWOW64\DWrite.dll
======List of files/folders modified in the last 1 month======
2013-08-08 16:45:33 —-RD—- C:\Program Files
2013-08-08 14:40:07 —-RD—- C:\Program Files (x86)
2013-08-08 14:38:27 —-D—- C:\Windows\Tasks
2013-08-08 14:38:12 —-HD—- C:\ProgramData
2013-08-08 14:38:12 —-D—- C:\Program Files (x86)\Common Files
2013-08-08 14:31:07 —-D—- C:\Windows\system32\drivers
2013-08-08 14:29:51 —-D—- C:\Windows
2013-08-08 14:26:45 —-D—- C:\Windows\SysWOW64
2013-08-08 14:24:06 —-HD—- C:\ASUS.DAT
2013-08-08 14:11:31 —-D—- C:\Windows\Temp
2013-08-07 19:27:48 —-D—- C:\Users\Gerard\AppData\Roaming\Skype
2013-08-07 19:27:44 —-D—- C:\Users\Gerard\AppData\Roaming\Spotify
2013-08-07 17:14:48 —-D—- C:\Windows\system32\config
2013-08-07 11:30:23 —-D—- C:\Windows\Prefetch
2013-08-07 11:19:24 —-A—- C:\Windows\SYSWOW64\log.txt
2013-08-07 11:17:26 —-A—- C:\Windows\system32\AutoRunFilter.ini
2013-08-07 11:14:34 —-A—- C:\Windows\system32\ServiceFilter.ini
2013-08-07 11:11:50 —-D—- C:\Users\Gerard\AppData\Roaming\uTorrent
2013-08-03 21:49:32 —-D—- C:\Users\Gerard\AppData\Roaming\vlc
2013-07-22 14:17:36 —-SHD—- C:\System Volume Information
2013-07-16 14:33:48 —-D—- C:\Windows\system32\catroot
2013-07-16 14:27:41 —-SHD—- C:\Windows\Installer
2013-07-16 14:27:41 —-D—- C:\Windows\SYSWOW64\drivers
2013-07-16 14:13:32 —-D—- C:\Windows\inf
2013-07-16 14:02:38 —-D—- C:\Windows\winsxs
2013-07-13 13:27:54 —-RSD—- C:\Windows\assembly
2013-07-13 13:27:54 —-D—- C:\Windows\Microsoft.NET
2013-07-13 11:55:05 —-D—- C:\Program Files\Microsoft Silverlight
2013-07-13 11:55:03 —-D—- C:\Program Files (x86)\Microsoft Silverlight
2013-07-13 11:53:45 —-D—- C:\Windows\System32
2013-07-13 11:53:45 —-D—- C:\Program Files\Windows Defender
2013-07-13 11:53:45 —-D—- C:\Program Files (x86)\Windows Defender
2013-07-13 11:53:45 —-D—- C:\Program Files (x86)\Internet Explorer
2013-07-13 11:53:44 —-D—- C:\Program Files\Windows Journal
2013-07-13 11:53:44 —-D—- C:\Program Files\Internet Explorer
2013-07-13 11:53:20 —-D—- C:\Users\Gerard\AppData\Roaming\SoftGrid Client
2013-07-13 01:08:24 —-A—- C:\Windows\system32\PerfStringBackup.INI
2013-07-13 01:02:35 —-A—- C:\Windows\system32\MRT.exe
2013-07-13 01:01:36 —-D—- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys
S1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
S1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\HIPS\drivers\fshs.sys
S1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
S2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys
S3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
S3 fsni;fsni; \??\C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Scanning\fsni64.sys
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys
S3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys
S3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys
S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys
S3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM); C:\Windows\system32\DRIVERS\ssceserd.sys
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
S2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
S2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
S2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
S2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
S2 fshoster;F-Secure Dll Hoster; C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
S2 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe
S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
S2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
S3 FSMA;F-Secure Management Agent; C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
S3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
—————–EOF—————–