Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
frits.l@home.nl
Beste specialisten sind enkele dagen verstuurd mijn outlook vanzelf berichten. soms wel 200 op 1 dag. Maar ik krijg wel bericht terug dat ze niet aan zijn gekomen, en terug zijn gestuurd. Ik heb het stappenplan gevolgd en bij deze plaats ik de logjes. zou er misschien iemand even willen naar kijken?
mvg. Roy.l
# AdwCleaner v3.013 - Report created 29/11/2013 at 17:06:47
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Qing International - TARIQVAIO
# Running from : C:\Users\Qing International\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E819E7FM\adwcleaner.exe
# Option : Clean
***** *****
Service Deleted : APNMCP
***** *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\Qing International\AppData\Local\thinstall
Folder Deleted : C:\Users\QINGIN~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Qing International\AppData\Roaming\thinstall
***** *****
***** *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\DeviceVM
***** *****
-\\ Internet Explorer v9.0.8112.16476
-\\ Google Chrome v31.0.1650.57
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.11.29.04
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Qing International :: TARIQVAIO
Bescherming: Ingeschakeld
29-11-2013 17:11:30
MBAM-log-2013-11-29 (17-45-26).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 206980
Verstreken tijd: 6 minuut/minuten, 13 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Geen actie ondernomen.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 1
C:\Users\Qing International\AppData\Roaming\test (Stolen.Data) -> Geen actie ondernomen.
(einde)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Qing International at 2013-11-29 17:46:55
Microsoft Windows 7 Home Premium
System drive C: has 213 GB (72%) free of 294 GB
Total RAM: 3758 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:47:02, on 29-11-2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Qing International.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Sopcast Toolbar BHO - {53504356-3700-A76A-76A7-7A786E7484D7} - “C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll” (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Sopcast Toolbar - {53504356-3700-A76A-76A7-7A786E7484D7} - “C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll” (file missing)
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\RunOnce: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: “C:\Users\Qing International\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64”
O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910”
O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64”
O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811”
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: Send to &Bluetooth Device… - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 13809 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
“c:\Program Files\Microsoft Security Client\MsMpEng.exe”
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe”
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe”
“C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe”
“taskhost.exe”
“C:\Windows\system32\Dwm.exe”
taskeng.exe {0A014E6D-B154-4321-AED9-EA5FD5AE6355}
C:\Windows\Explorer.EXE
“C:\Program Files\Sony\VAIO Power Management\SPMgr.exe” /Start
“C:\Program Files\Sony\VAIO Smart Network\VSNService.exe”
/Device:000000a1
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
“C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe”
“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”
WLIDSvcM.exe 2356
“C:\Program Files\Apoint\Apoint.exe”
“C:\Windows\System32\igfxtray.exe”
“C:\Windows\System32\hkcmd.exe”
“C:\Windows\System32\igfxpers.exe”
“C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe” /FORPCEE3
“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
“C:\Program Files\Sony\VAIO Power Management\SPMService.exe”
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Program Files\Apoint\ApMsgFwd.exe” -s{05FA8492-C047-4207-BE65-780D8591C113}
“C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5305162f-d27a-44b5-80d1-58dcc405def9 -SystemEventPortName:HostProcess-e65380c8-6af5-42d9-957b-7f1fa80e677a -IoCancelEventPortName:HostProcess-57ee7503-bef3-4c67-ab95-eee28599abb9 -NonStateChangingEventPortName:HostProcess-dfcea4bb-2b23-43d3-85ce-43d080fb0698 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6490554c-88c1-431b-92c0-7245ed93dbde -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
“C:\Program Files\Apoint\Apvfb.exe”
“Apntex.exe”
\??\C:\Windows\system32\conhost.exe "11044970221982989199063248721932411307-8233138215067640018982224791344282775
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
“c:\Program Files\Microsoft Security Client\NisSrv.exe”
“C:\Program Files (x86)\Internet Explorer\iexplore.exe”
“C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:203009
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -Embedding
“C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:203011
“C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:137478
taskeng.exe {C13DEA36-9832-47F8-8426-6AE04FE42618}
“C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe” /Stationary
“C:\Program Files\Sony\VAIO Update\VUAgent.exe”
“C:\Program Files\Sony\VAIO Care\VCPerfService.exe” “/service” “/sstates” “/sampleinterval=5000” “/procinterval=5” “/dllinterval=120” “/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1” “/counter=\Network Interface(*)\Bytes Total/sec:1” “/expandcounter=\Processor Information(*)\Processor Frequency:1” “/expandcounter=\Processor(*)\% Idle Time:1” “/expandcounter=\Processor(*)\% C1 Time:1” “/expandcounter=\Processor(*)\% C2 Time:1” “/expandcounter=\Processor(*)\% C3 Time:1” “/expandcounter=\Processor(*)\% Processor Time:1” “/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata”
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe”
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe”
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe” /starttray
“C:\Windows\system32\wuauclt.exe”
“C:\Program Files\Sony\VAIO Care\VCsystray.exe”
“C:\Program Files\Sony\VAIO Care\VCService.exe”
“C:\Program Files\Sony\VAIO Care\VCAgent.exe”
C:\Windows\System32\vds.exe
C:\Windows\servicing\TrustedInstaller.exe
taskhost.exe C:\Windows\system32\defrag.exe -c
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”
“C:\Windows\system32\SearchFilterHost.exe” 0 516 520 528 65536 524
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1584167696-3898691115-1716437680-10017_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1584167696-3898691115-1716437680-10017 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”
“C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:203021
“C:\Users\Qing International\Downloads\RSITx64.exe”
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1584167696-3898691115-1716437680-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1584167696-3898691115-1716437680-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport_x64.dll
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
{53504356-3700-A76A-76A7-7A786E7484D7} - Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport_x64.dll
{53504356-3700-A76A-76A7-7A786E7484D7} - Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll
“Apoint”=C:\Program Files\Apoint\Apoint.exe
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“Persistence”=C:\Windows\system32\igfxpers.exe
“MSC”=c:\Program Files\Microsoft Security Client\msseces.exe
“RtHDVBg_Dolby”=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
“BCSSync”=C:\Program Files\Microsoft Office\Office14\BCSSync.exe
“Facebook Update”=C:\Users\Qing International\AppData\Local\Facebook\Update\FacebookUpdate.exe
“Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64”=C:\Windows\system32\cmd.exe
“Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910”=C:\Windows\system32\cmd.exe
“Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64”=C:\Windows\system32\cmd.exe
“Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811”=C:\Windows\system32\cmd.exe
C:\Users\Qing International\AppData\Roaming\ACEStream\engine\ace_engine.exe
c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED
c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Qing International\AppData\Local\Temp\.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
“SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
“Malwarebytes Anti-Malware”=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\igfxdev.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=0
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableLinkedConnections”=1
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“MSVideo8”=VfWWDM32.dll
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux1”=wdmaud.drv
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2013-11-29 17:46:56 —-D—- C:\Program Files\trend micro
2013-11-29 17:46:55 —-D—- C:\rsit
2013-11-29 17:10:30 —-D—- C:\Users\Qing International\AppData\Roaming\Malwarebytes
2013-11-29 17:10:22 —-D—- C:\ProgramData\Malwarebytes
2013-11-29 17:10:20 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-29 17:10:20 —-A—- C:\Windows\system32\drivers\mbam.sys
2013-11-29 17:05:44 —-D—- C:\AdwCleaner
2013-11-29 03:01:36 —-D—- C:\Windows\system32\SPReview
2013-11-27 19:39:25 —-D—- C:\Program Files (x86)\Pearl Harbor Encounter
2013-11-27 18:42:44 —-D—- C:\Users\Qing International\AppData\Roaming\AlawarEntertainment
2013-11-27 15:22:10 —-A—- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-11-27 15:22:08 —-A—- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-11-27 15:21:06 —-D—- C:\Users\Qing International\AppData\Roaming\Winamp
2013-11-27 15:21:06 —-D—- C:\Program Files (x86)\Winamp
2013-11-20 12:30:07 —-D—- C:\ProgramData\DVD Shrink
2013-11-20 12:30:06 —-D—- C:\Program Files (x86)\DVD Shrink
2013-11-05 21:23:31 —-D—- C:\ProgramData\Oracle
2013-11-05 21:23:23 —-A—- C:\Windows\SYSWOW64\javaws.exe
2013-11-05 21:23:17 —-A—- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-11-05 21:23:17 —-A—- C:\Windows\SYSWOW64\javaw.exe
2013-11-05 21:23:17 —-A—- C:\Windows\SYSWOW64\java.exe
2013-11-04 17:39:39 —-D—- C:\Program Files (x86)\Surgeon Simulator 2013 MULTi13 RIP
======List of files/folders modified in the last 1 month======
2013-11-29 17:47:02 —-D—- C:\Windows\Prefetch
2013-11-29 17:46:56 —-RD—- C:\Program Files
2013-11-29 17:46:44 —-D—- C:\Windows\Temp
2013-11-29 17:39:34 —-D—- C:\Windows\system32\config
2013-11-29 17:15:12 —-D—- C:\Windows\System32
2013-11-29 17:15:12 —-D—- C:\Windows\inf
2013-11-29 17:15:12 —-A—- C:\Windows\system32\PerfStringBackup.INI
2013-11-29 17:10:22 —-HD—- C:\ProgramData
2013-11-29 17:10:20 —-RD—- C:\Program Files (x86)
2013-11-29 17:10:20 —-D—- C:\Windows\system32\drivers
2013-11-29 17:07:55 —-A—- C:\Windows\SYSWOW64\log.txt
2013-11-29 03:00:32 —-SHD—- C:\System Volume Information
2013-11-28 18:24:17 —-D—- C:\Users\Qing International\AppData\Roaming\vlc
2013-11-28 12:23:10 —-D—- C:\Users\Qing International\AppData\Roaming\GrabIt
2013-11-28 03:06:59 —-SHD—- C:\Windows\Installer
2013-11-28 03:06:54 —-SHD—- C:\Config.Msi
2013-11-27 15:22:10 —-D—- C:\Windows\SysWOW64
2013-11-27 15:21:40 —-D—- C:\Windows\Logs
2013-11-27 03:26:40 —-D—- C:\Windows\system32\catroot
2013-11-27 03:16:49 —-D—- C:\Windows\Microsoft.NET
2013-11-27 03:16:48 —-RSD—- C:\Windows\assembly
2013-11-27 03:10:50 —-D—- C:\ProgramData\Microsoft Help
2013-11-27 03:10:42 —-A—- C:\Windows\win.ini
2013-11-25 03:00:33 —-D—- C:\Windows\system32\catroot2
2013-11-25 00:35:30 —-D—- C:\Windows
2013-11-20 12:46:52 —-D—- C:\Users\Qing International\AppData\Roaming\dvdcss
2013-11-20 03:02:08 —-D—- C:\Program Files\Microsoft Security Client
2013-11-20 03:02:08 —-D—- C:\Program Files (x86)\Microsoft Security Client
2013-11-19 11:21:41 —-N—- C:\Windows\system32\MpSigStub.exe
2013-11-18 20:16:24 —-D—- C:\Windows\debug
2013-11-14 03:01:51 —-D—- C:\Windows\system32\MRT
2013-11-14 03:01:48 —-A—- C:\Windows\system32\MRT.exe
2013-11-06 03:00:18 —-D—- C:\Windows\system32\wdi
2013-11-05 21:23:26 —-D—- C:\Program Files (x86)\Common Files
2013-11-05 21:23:17 —-D—- C:\Program Files (x86)\Java
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys
R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe64.sys
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys
S2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys
S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys
S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
—————–EOF—————–
