E-mail is sending messages

 • frits.l@home.nl

  Dear specialists, for the past few days my Outlook has been sending messages on its own, sometimes as many as 200 in one day. However, I do get notices back saying that they did not arrive and were returned. I have followed the step-by-step plan and am hereby posting the logs. Could someone perhaps take a look at them?

  Kind regards, Roy.l

  # AdwCleaner v3.013 - Report created 29/11/2013 at 17:06:47

  # Updated 24/11/2013 by Xplode

  # Operating System : Windows 7 Home Premium (64 bits)

  # Username : Qing International - TARIQVAIO

  # Running from : C:\Users\Qing International\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E819E7FM\adwcleaner.exe

  # Option : Clean

  ***** *****

  Service Deleted : APNMCP

  ***** *****

  Folder Deleted : C:\ProgramData\apn

  Folder Deleted : C:\ProgramData\AskPartnerNetwork

  Folder Deleted : C:\ProgramData\Partner

  Folder Deleted : C:\ProgramData\StarApp

  Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork

  Folder Deleted : C:\Users\Qing International\AppData\Local\thinstall

  Folder Deleted : C:\Users\QINGIN~1\AppData\Local\Temp\apn

  Folder Deleted : C:\Users\Qing International\AppData\Roaming\thinstall

  ***** *****

  ***** *****

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32

  Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS

  Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

  Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}

  Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}

  Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}

  Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}

  Key Deleted : HKCU\Software\AskPartnerNetwork

  Key Deleted : HKLM\Software\AskPartnerNetwork

  Key Deleted : HKLM\Software\DeviceVM

  Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork

  Key Deleted : HKLM\SOFTWARE\DeviceVM

  ***** *****

  -\\ Internet Explorer v9.0.8112.16476

  -\\ Google Chrome v31.0.1650.57

  *************************

  AdwCleaner.txt - -

  AdwCleaner.txt - -

  ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

  www.malwarebytes.org

  Databaseversie: v2013.11.29.04

  Windows 7 x64 NTFS

  Internet Explorer 9.0.8112.16421

  Qing International :: TARIQVAIO

  Bescherming: Ingeschakeld

  29-11-2013 17:11:30

  MBAM-log-2013-11-29 (17-45-26).txt

  Scan type: Snelle scan

  Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

  Uitgeschakelde scan opties: P2P

  Objecten gescand: 206980

  Verstreken tijd: 6 minuut/minuten, 13 seconde(n)

  Geheugenprocessen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 1

  HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Geen actie ondernomen.

  Registerwaarden gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 1

  C:\Users\Qing International\AppData\Roaming\test (Stolen.Data) -> Geen actie ondernomen.

  (einde)

  Logfile of random's system information tool 1.09 (written by random/random)

  Run by Qing International at 2013-11-29 17:46:55

  Microsoft Windows 7 Home Premium

  System drive C: has 213 GB (72%) free of 294 GB

  Total RAM: 3758 MB (53% free)

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 17:47:02, on 29-11-2013

  Platform: Windows 7 (WinNT 6.00.3504)

  MSIE: Internet Explorer v9.00 (9.00.8112.16476)

  Boot mode: Normal

  Running processes:

  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  C:\Program Files (x86)\Internet Explorer\iexplore.exe

  C:\Program Files (x86)\Internet Explorer\iexplore.exe

  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe

  C:\Program Files (x86)\Internet Explorer\iexplore.exe

  C:\Program Files (x86)\Internet Explorer\iexplore.exe

  C:\Program Files\Sony\VAIO Care\listener.exe

  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

  C:\Program Files (x86)\Internet Explorer\iexplore.exe

  C:\Program Files\trend micro\Qing International.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

  F2 - REG:system.ini: UserInit=userinit.exe

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: Sopcast Toolbar BHO - {53504356-3700-A76A-76A7-7A786E7484D7} - “C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll” (file missing)

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  O3 - Toolbar: Sopcast Toolbar - {53504356-3700-A76A-76A7-7A786E7484D7} - “C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll” (file missing)

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\RunOnce: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

  O4 - HKCU\..\Run: “C:\Users\Qing International\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver

  O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64”

  O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910”

  O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64”

  O4 - HKCU\..\RunOnce: C:\Windows\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811”

  O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

  O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

  O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105

  O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000

  O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

  O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe

  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

  O9 - Extra ‘Tools’ menuitem: Send to &Bluetooth Device… - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

  O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

  O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

  O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

  O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

  O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

  O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe

  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

  O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

  O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

  O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

  O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

  O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

  O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

  O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

  O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe

  O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe

  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

  O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

  O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

  O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

  O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe

  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

  O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

  O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe

  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  End of file - 13809 bytes

  ======Listing Processes======

  \SystemRoot\System32\smss.exe

  %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

  wininit.exe

  %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

  C:\Windows\system32\services.exe

  C:\Windows\system32\lsass.exe

  C:\Windows\system32\lsm.exe

  winlogon.exe

  C:\Windows\system32\svchost.exe -k DcomLaunch

  C:\Windows\system32\svchost.exe -k RPCSS

  “c:\Program Files\Microsoft Security Client\MsMpEng.exe”

  C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

  C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

  C:\Windows\system32\svchost.exe -k netsvcs

  C:\Windows\system32\svchost.exe -k LocalService

  C:\Windows\system32\svchost.exe -k NetworkService

  C:\Windows\System32\spoolsv.exe

  C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

  “C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe”

  C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

  “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”

  C:\Windows\system32\svchost.exe -k imgsvc

  “C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe”

  “C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe”

  “taskhost.exe”

  “C:\Windows\system32\Dwm.exe”

  taskeng.exe {0A014E6D-B154-4321-AED9-EA5FD5AE6355}

  C:\Windows\Explorer.EXE

  “C:\Program Files\Sony\VAIO Power Management\SPMgr.exe” /Start

  “C:\Program Files\Sony\VAIO Smart Network\VSNService.exe”

  /Device:000000a1

  C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

  “C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”

  “C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe”

  “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”

  WLIDSvcM.exe 2356

  “C:\Program Files\Apoint\Apoint.exe”

  “C:\Windows\System32\igfxtray.exe”

  “C:\Windows\System32\hkcmd.exe”

  “C:\Windows\System32\igfxpers.exe”

  “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

  “C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe” /FORPCEE3

  “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  “C:\Program Files\Sony\VAIO Power Management\SPMService.exe”

  C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

  “C:\Program Files\Apoint\ApMsgFwd.exe” -s{05FA8492-C047-4207-BE65-780D8591C113}

  “C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5305162f-d27a-44b5-80d1-58dcc405def9 -SystemEventPortName:HostProcess-e65380c8-6af5-42d9-957b-7f1fa80e677a -IoCancelEventPortName:HostProcess-57ee7503-bef3-4c67-ab95-eee28599abb9 -NonStateChangingEventPortName:HostProcess-dfcea4bb-2b23-43d3-85ce-43d080fb0698 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6490554c-88c1-431b-92c0-7245ed93dbde -DeviceGroupId:WpdFsGroup

  C:\Windows\system32\wbem\wmiprvse.exe

  C:\Windows\system32\SearchIndexer.exe /Embedding

  “C:\Program Files\Windows Media Player\wmpnetwk.exe”

  “C:\Program Files\Apoint\Apvfb.exe”

  “Apntex.exe”

  \??\C:\Windows\system32\conhost.exe "11044970221982989199063248721932411307-8233138215067640018982224791344282775

  C:\Windows\System32\svchost.exe -k LocalServicePeerNet

  C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

  “c:\Program Files\Microsoft Security Client\NisSrv.exe”

  “C:\Program Files (x86)\Internet Explorer\iexplore.exe”

  “C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:203009

  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -Embedding

  “C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:203011

  “C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:137478

  taskeng.exe {C13DEA36-9832-47F8-8426-6AE04FE42618}

  “C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe” /Stationary

  “C:\Program Files\Sony\VAIO Update\VUAgent.exe”

  “C:\Program Files\Sony\VAIO Care\VCPerfService.exe” “/service” “/sstates” “/sampleinterval=5000” “/procinterval=5” “/dllinterval=120” “/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1” “/counter=\Network Interface(*)\Bytes Total/sec:1” “/expandcounter=\Processor Information(*)\Processor Frequency:1” “/expandcounter=\Processor(*)\% Idle Time:1” “/expandcounter=\Processor(*)\% C1 Time:1” “/expandcounter=\Processor(*)\% C2 Time:1” “/expandcounter=\Processor(*)\% C3 Time:1” “/expandcounter=\Processor(*)\% Processor Time:1” “/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata”

  C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0

  “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”

  “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe”

  “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe”

  “C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe” /starttray

  “C:\Windows\system32\wuauclt.exe”

  “C:\Program Files\Sony\VAIO Care\VCsystray.exe”

  “C:\Program Files\Sony\VAIO Care\VCService.exe”

  “C:\Program Files\Sony\VAIO Care\VCAgent.exe”

  C:\Windows\System32\vds.exe

  C:\Windows\servicing\TrustedInstaller.exe

  taskhost.exe C:\Windows\system32\defrag.exe -c

  “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”

  “C:\Windows\system32\SearchFilterHost.exe” 0 516 520 528 65536 524

  “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1584167696-3898691115-1716437680-10017_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1584167696-3898691115-1716437680-10017 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”

  “C:\Program Files (x86)\Internet Explorer\iexplore.exe” SCODEF:4580 CREDAT:203021

  “C:\Users\Qing International\Downloads\RSITx64.exe”

  C:\Windows\system32\wbem\wmiprvse.exe

  ======Scheduled tasks folder======

  C:\Windows\tasks\Adobe Flash Player Updater.job

  C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1584167696-3898691115-1716437680-1001Core.job

  C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1584167696-3898691115-1716437680-1001UA.job

  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

  ======Registry dump======

  Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport_x64.dll

  Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL

  Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL

  Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll

  Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll

  Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

  Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

  Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  {53504356-3700-A76A-76A7-7A786E7484D7} - Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport_x64.dll

  {53504356-3700-A76A-76A7-7A786E7484D7} - Sopcast Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SPCV7\Passport.dll

  “Apoint”=C:\Program Files\Apoint\Apoint.exe

  “IgfxTray”=C:\Windows\system32\igfxtray.exe

  “HotKeysCmds”=C:\Windows\system32\hkcmd.exe

  “Persistence”=C:\Windows\system32\igfxpers.exe

  “MSC”=c:\Program Files\Microsoft Security Client\msseces.exe

  “RtHDVBg_Dolby”=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

  “BCSSync”=C:\Program Files\Microsoft Office\Office14\BCSSync.exe

  “Facebook Update”=C:\Users\Qing International\AppData\Local\Facebook\Update\FacebookUpdate.exe

  “Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64”=C:\Windows\system32\cmd.exe

  “Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910”=C:\Windows\system32\cmd.exe

  “Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64”=C:\Windows\system32\cmd.exe

  “Uninstall C:\Users\Qing International\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811”=C:\Windows\system32\cmd.exe

  C:\Users\Qing International\AppData\Roaming\ACEStream\engine\ace_engine.exe

  c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

  c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

  C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

  C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

  C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

  C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe

  C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED

  c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

  C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun

  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

  C:\Users\Qing International\AppData\Local\Temp\.exe

  C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe

  “SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  “Malwarebytes Anti-Malware”=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

  C:\Windows\system32\igfxdev.dll

  WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

  “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL

  “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

  “SecurityProviders”=credssp.dll

  “ConsentPromptBehaviorAdmin”=5

  “ConsentPromptBehaviorUser”=0

  “EnableUIADesktopToggle”=0

  “dontdisplaylastusername”=0

  “legalnoticecaption”=

  “legalnoticetext”=

  “shutdownwithoutlogon”=1

  “undockwithoutlogon”=1

  “EnableLinkedConnections”=1

  “NoActiveDesktop”=1

  “NoActiveDesktopChanges”=1

  “ForceActiveDesktopOn”=0

  “vidc.mrle”=msrle32.dll

  “vidc.msvc”=msvidc32.dll

  “msacm.imaadpcm”=imaadp32.acm

  “msacm.msg711”=msg711.acm

  “msacm.msgsm610”=msgsm32.acm

  “msacm.msadpcm”=msadp32.acm

  “midimapper”=midimap.dll

  “wavemapper”=msacm32.drv

  “VIDC.UYVY”=msyuv.dll

  “VIDC.YUY2”=msyuv.dll

  “VIDC.YVYU”=msyuv.dll

  “VIDC.IYUV”=iyuv_32.dll

  “vidc.i420”=iyuv_32.dll

  “VIDC.YVU9”=tsbyuv.dll

  “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

  “MSVideo8”=VfWWDM32.dll

  “wave2”=wdmaud.drv

  “midi2”=wdmaud.drv

  “mixer2”=wdmaud.drv

  “wave1”=wdmaud.drv

  “midi1”=wdmaud.drv

  “mixer1”=wdmaud.drv

  “aux1”=wdmaud.drv

  “wave”=wdmaud.drv

  “midi”=wdmaud.drv

  “mixer”=wdmaud.drv

  “aux”=wdmaud.drv

  ======File associations======

  .js - edit - C:\Windows\System32\Notepad.exe %1

  .js - open - C:\Windows\System32\WScript.exe “%1” %*

  ======List of files/folders created in the last 1 month======

  2013-11-29 17:46:56 —-D—- C:\Program Files\trend micro

  2013-11-29 17:46:55 —-D—- C:\rsit

  2013-11-29 17:10:30 —-D—- C:\Users\Qing International\AppData\Roaming\Malwarebytes

  2013-11-29 17:10:22 —-D—- C:\ProgramData\Malwarebytes

  2013-11-29 17:10:20 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware

  2013-11-29 17:10:20 —-A—- C:\Windows\system32\drivers\mbam.sys

  2013-11-29 17:05:44 —-D—- C:\AdwCleaner

  2013-11-29 03:01:36 —-D—- C:\Windows\system32\SPReview

  2013-11-27 19:39:25 —-D—- C:\Program Files (x86)\Pearl Harbor Encounter

  2013-11-27 18:42:44 —-D—- C:\Users\Qing International\AppData\Roaming\AlawarEntertainment

  2013-11-27 15:22:10 —-A—- C:\Windows\SYSWOW64\D3DX9_42.dll

  2013-11-27 15:22:08 —-A—- C:\Windows\SYSWOW64\d3dx9_31.dll

  2013-11-27 15:21:06 —-D—- C:\Users\Qing International\AppData\Roaming\Winamp

  2013-11-27 15:21:06 —-D—- C:\Program Files (x86)\Winamp

  2013-11-20 12:30:07 —-D—- C:\ProgramData\DVD Shrink

  2013-11-20 12:30:06 —-D—- C:\Program Files (x86)\DVD Shrink

  2013-11-05 21:23:31 —-D—- C:\ProgramData\Oracle

  2013-11-05 21:23:23 —-A—- C:\Windows\SYSWOW64\javaws.exe

  2013-11-05 21:23:17 —-A—- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

  2013-11-05 21:23:17 —-A—- C:\Windows\SYSWOW64\javaw.exe

  2013-11-05 21:23:17 —-A—- C:\Windows\SYSWOW64\java.exe

  2013-11-04 17:39:39 —-D—- C:\Program Files (x86)\Surgeon Simulator 2013 MULTi13 RIP

  ======List of files/folders modified in the last 1 month======

  2013-11-29 17:47:02 ----D---- C:\Windows\Prefetch

  2013-11-29 17:46:56 ----RD---- C:\Program Files

  2013-11-29 17:46:44 ----D---- C:\Windows\Temp

  2013-11-29 17:39:34 ----D---- C:\Windows\system32\config

  2013-11-29 17:15:12 ----D---- C:\Windows\System32

  2013-11-29 17:15:12 ----D---- C:\Windows\inf

  2013-11-29 17:15:12 ----A---- C:\Windows\system32\PerfStringBackup.INI

  2013-11-29 17:10:22 ----HD---- C:\ProgramData

  2013-11-29 17:10:20 ----RD---- C:\Program Files (x86)

  2013-11-29 17:10:20 ----D---- C:\Windows\system32\drivers

  2013-11-29 17:07:55 ----A---- C:\Windows\SYSWOW64\log.txt

  2013-11-29 03:00:32 ----SHD---- C:\System Volume Information

  2013-11-28 18:24:17 ----D---- C:\Users\Qing International\AppData\Roaming\vlc

  2013-11-28 12:23:10 ----D---- C:\Users\Qing International\AppData\Roaming\GrabIt

  2013-11-28 03:06:59 ----SHD---- C:\Windows\Installer

  2013-11-28 03:06:54 ----SHD---- C:\Config.Msi

  2013-11-27 15:22:10 ----D---- C:\Windows\SysWOW64

  2013-11-27 15:21:40 ----D---- C:\Windows\Logs

  2013-11-27 03:26:40 ----D---- C:\Windows\system32\catroot

  2013-11-27 03:16:49 ----D---- C:\Windows\Microsoft.NET

  2013-11-27 03:16:48 ----RSD---- C:\Windows\assembly

  2013-11-27 03:10:50 ----D---- C:\ProgramData\Microsoft Help

  2013-11-27 03:10:42 ----A---- C:\Windows\win.ini

  2013-11-25 03:00:33 ----D---- C:\Windows\system32\catroot2

  2013-11-25 00:35:30 ----D---- C:\Windows

  2013-11-20 12:46:52 ----D---- C:\Users\Qing International\AppData\Roaming\dvdcss

  2013-11-20 03:02:08 ----D---- C:\Program Files\Microsoft Security Client

  2013-11-20 03:02:08 ----D---- C:\Program Files (x86)\Microsoft Security Client

  2013-11-19 11:21:41 ----N---- C:\Windows\system32\MpSigStub.exe

  2013-11-18 20:16:24 ----D---- C:\Windows\debug

  2013-11-14 03:01:51 ----D---- C:\Windows\system32\MRT

  2013-11-14 03:01:48 ----A---- C:\Windows\system32\MRT.exe

  2013-11-06 03:00:18 ----D---- C:\Windows\system32\wdi

  2013-11-05 21:23:26 ----D---- C:\Program Files (x86)\Common Files

  2013-11-05 21:23:17 ----D---- C:\Program Files (x86)\Java

  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys

  R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys

  R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys

  R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

  R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

  R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys

  R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys

  R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe64.sys

  R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys

  R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys

  R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys

  R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys

  R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys

  R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys

  R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys

  R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

  R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys

  S2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys

  S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

  S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys

  S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys

  S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys

  S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys

  S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys

  S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys

  S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys

  S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys

  S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys

  S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys

  S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys

  S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

  S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys

  S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys

  S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys

  S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys

  S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys

  S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

  S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

  S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys

  S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys

  ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

  R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

  R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

  R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

  R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

  R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe

  R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe

  R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

  R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

  R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe

  R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

  R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

  R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe

  R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe

  R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe

  R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe

  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

  S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

  S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

  S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

  S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

  S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

  S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

  S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

  S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

  S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

  S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

  S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

  S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

  S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

  S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

  S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

  S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

  S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

  S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

  S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

  S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

  -----------------EOF-----------------

 • Ben

  Hello,

  You are probably talking about the old Hotmail:

  1. Start with the following: open your Hotmail

  o Go to Options \ More options (at the very top right).

  o Then click View and edit personal information, under Manage account.

  o Enter your password.

  o You will now see your details.

  o Click Change next to Password, under Password information.

  o Enter a new and good password.

  o Then click Confirm.

  Download Zoek.zip to the desktop.

  If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that, because it is an unjustified warning.

  Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

  Right-click Zoek.zip and click the option "Extract All".

  Then double-click Zoek.exe to start the tool.

  Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.

  Now copy the code below and paste it into the large input box:

  Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  firefoxlook;

  emptyclsid;

  torpigcheck;

  emptyfolderscheck;delete

  chromelook;

  standardsearch;

  filesrcm;

  autoclean;

  startupall;

  Now click the "Run script" button.

  Now wait patiently until a log opens (this may be after a restart, if one is needed).

  If no log appears after the restart, start zoek.exe again; the log will then still appear.

  Post the opened log in your next message.

 • Jos H

  Frits, and then change your profile so that your email address is no longer visible.

  An email address on an open forum is asking for even more trouble.

 • frits.l@home.nl

  Hmmm, strange, I haven't used Hotmail for a few years now

 • Ben

  Hello,

  Which Outlook do you use, the one that is part of Office?

  Please still run zoek.exe.

 • frits.l@home.nl

  MS Outlook 2010, yes, and it is part of Office

 • Ben

  Hello,

  Would you please do the following, as Jos H indicated:

  Frits, and then change your profile so that your email address is no longer visible.

  An email address on an open forum is asking for even more trouble.

  And now run zoek.exe.

 • Jos H

  To change your profile, click My profile in the blue bar above this message and choose Edit. Enter a name that everyone is allowed to read instead of your email address. Save.

 • fazantje

  Because no further reply has followed, this topic is being closed.

  If you would still like to reopen your topic, send a private message to Ben or Huib (fazantje).

  They will then remove the "lock" and the topic will be open again.

  The AV team.

This topic is closed; no more replies can be posted.