Logfile of random's system information tool 1.09 (written by random/random)
Run by Eigenaar at 2014-01-12 15:18:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 847 GB (89%) free of 954 GB
Total RAM: 1789 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:18:29, on 12-1-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\spotify.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Alcatel\SpeedTouch USB\dragdiag.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Eigenaar\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Eigenaar.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files (x86)\Freeze.com\NetAssistant\NetAssistant.dll
R3 - URLSearchHook: (no name) - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - (no file)
O1 - Hosts: 54.225.95.126 achhmapmjlcjlomcbmbicbgkihghgnie
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll (file missing)
O2 - BHO: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file)
O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL (file missing)
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files (x86)\Freeze.com\NetAssistant\NetAssistant.dll
O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll (file missing)
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll (file missing)
O3 - Toolbar: (no name) - {0DFC36E8-EAE8-484F-A89C-F565849A210F} - (no file)
O4 - HKLM\..\Run: “C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Alcatel\SpeedTouch USB\Dragdiag.exe” /icon
O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Winamp\winampa.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe /Debug
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe
O4 - HKCU\..\Run: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: “C:\Users\Eigenaar\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
O4 - HKCU\..\Run: “C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - HKCU\..\Run: “C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: “C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe” /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra ‘Tools’ menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mummys Gold Flash Casino - {b4838b4d-a75d-4396-b388-8a6724d11ba9} - https://mummysgold.gameassists.co.uk/MUMMYSGOLD/Default.aspx?BTAG=O%3a2144304957A%3a1004116457V%3a731391906&TrackingGUID=f4cf962e-ded0-4b63-959f-ae302482279c?BTAG=O:2144304957A:1004116457V:731391906&TrackingGUID=f4cf962e-ded0-4b63-959f-ae302482279c (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-statusservice (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GfKLSPService - GfK - C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14700 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe”
“C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe”
“C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe”
“C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe”
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe”
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe”
“C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe”
C:\Windows\SysWOW64\IoctlSvc.exe
“C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe”
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
“C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe”
WLIDSvcM.exe 1144
“C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE”
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-23ed0aae-cc3f-4dd7-840a-e5a7d1110956 -SystemEventPortName:HostProcess-3a8a68f2-d2dd-42c5-acbe-62f9dd17c287 -IoCancelEventPortName:HostProcess-de7f6fb6-dd39-46ae-b2c0-664317371d28 -NonStateChangingEventPortName:HostProcess-54d15357-bd7a-4c05-b0b0-a2b15f4f4254 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:255a4bfa-4783-42a1-8065-563af3ccaf41 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
“taskhost.exe”
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe” /starttray
“C:\Windows\system32\Dwm.exe”
C:\Windows\Explorer.EXE
taskeng.exe {91454091-E1FF-4859-A228-B7196396DC7D}
“C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe” /hide /waitservice
“C:\Windows\WindowsMobile\wmdc.exe”
“C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe” -autorun
“C:\Windows\System32\hkcmd.exe”
“C:\Windows\System32\igfxpers.exe”
“C:\Users\Eigenaar\AppData\Roaming\Spotify\spotify.exe” /uri spotify:autostart
“C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe” Run
“C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe” /MINIMIZED
“C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe”
“C:\Program Files (x86)\Alcatel\SpeedTouch USB\dragdiag.exe” /icon
“C:\Program Files (x86)\iTunes\iTunesHelper.exe”
“C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe” /Debug
“C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe” -quickstart
“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
“C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe”
“C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe” “-quickstart” “-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program”
“C:\Program Files\iPod\bin\iPodService.exe”
"C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="4080.0.524266504\361159704" /prefetch:673131151
"C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="4080.1.2070728416\3582613" /prefetch:673131151
"C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="4080.2.639096462\1202137745" /prefetch:673131151
"C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --disable-accelerated-2d-canvas --channel="4080.3.1373687364\1402672182" /prefetch:673131151
“C:\Program Files (x86)\Registry Dr\RegistryDr.exe” true
"C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4080.4.179573876\1145982056" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x2e32 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --lang=en-US --log-severity=disable /prefetch:822062411
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {0798FFC3-1AE5-48B6-BDD1-B30810E18200}
C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
“C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe”
“C:\Users\Eigenaar\AppData\Local\Temp\~nsu.tmp\Au_.exe” _?=C:\Users\Eigenaar\AppData\Local\Instant Savings App\
C:\Windows\system32\svchost.exe -k SDRSVC
“C:\Program Files (x86)\Internet Explorer\IELowutil.exe” -embedding
“C:\Program Files\Internet Explorer\iexplore.exe” http://www.nationzoom.com/?type=sc&ts=1389521867&from=amt&uid=WDCXWD10EARS-00Y5B1_WD-WCAV5E96477164771
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:2464 CREDAT:267521 /prefetch:2
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:2464 CREDAT:1971474 /prefetch:2
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe -Embedding
“C:\Windows\system32\RunDll32.exe” “C:\Windows\system32\WerConCpl.dll”, LaunchErcApp -queuereporting
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:2464 CREDAT:529742 /prefetch:2
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”
“C:\Users\Eigenaar\Downloads\RSITx64.exe”
“C:\Windows\system32\SearchFilterHost.exe” 0 520 524 532 65536 528
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3692924274-1164822798-617781585-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3692924274-1164822798-617781585-1000UA.job
C:\Windows\tasks\FinalTorrent Update Checker.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\l6imisps.default
prefs.js - “browser.startup.homepage” - “http://www.nationzoom.com/?type=hp&ts=1389521867&from=amt&uid=WDCXWD10EARS-00Y5B1_WD-WCAV5E96477164771”
“Description”=Adobe® Flash® Player 11.9.900.170 Plugin
“Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
“Description”=Adobe Shockwave Player
“Path”=C:\Windows\system32\Adobe\Director\np32dsw.dll
“Description”=
“Path”=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
“Description”=
“Path”=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
“Description”=Google Earth in your browser
“Path”=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
“Description”=Java™ Deployment Toolkit
“Path”=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
“Description”=Oracle® Next Generation Java™ Plug-In
“Path”=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
“Description”=McAfee Mss Plugin
“Path”=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
“Description”=
“Path”=C:\Windows\system32\Wat\npWatWeb.dll
“Description”=Ag Player Plugin
“Path”=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
“Description”=Microsoft SharePoint Plug-in for Firefox
“Path”=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=Google Update
“Path”=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
“Description”=Google Update
“Path”=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
“Description”=
“Path”=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
“Description”=Adobe® Flash® Player 11.9.900.170 Plugin
“Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
“Description”=
“Path”=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
“Description”=
“Path”=C:\Windows\system32\Wat\npWatWeb.dll
“Description”=Ag Player Plugin
“Path”=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
“Description”=
“Path”=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
fcmdSrch.xml
nationzoom.xml
======Registry dump======
Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
Wincore Mediabar - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
Fast Search by Surf Canyon - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
DataMngr - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL
MediaBar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
NetAssistantBHO Class - C:\Program Files (x86)\Freeze.com\NetAssistant\NetAssistant.dll
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - Wincore Mediabar - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - MediaBar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
{0DFC36E8-EAE8-484F-A89C-F565849A210F}
“egui”=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
“Windows Mobile Device Center”=C:\Windows\WindowsMobile\wmdc.exe
“fssui”=C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“Persistence”=C:\Windows\system32\igfxpers.exe
“HyvesDesktop.exe”=C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe
“MobileDocuments”=C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
“Facebook Update”=C:\Users\Eigenaar\AppData\Local\Facebook\Update\FacebookUpdate.exe
“Spotify”=C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe
“Spotify Web Helper”=C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
“”=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
“uTorrent”=C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe
“NBKeyScan”=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
“SpeedTouch USB Diagnostics”=C:\Program Files (x86)\Alcatel\SpeedTouch USB\Dragdiag.exe
“AppleSyncNotifier”=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
“APSDaemon”=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
“WinampAgent”=C:\Program Files (x86)\Winamp\winampa.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“iTunesHelper”=C:\Program Files (x86)\iTunes\iTunesHelper.exe
“QuickTime Task”=C:\Program Files (x86)\QuickTime\QTTask.exe
“GfK-WatchDog”=C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
“SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
“KiesTrayAgent”=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
“mobilegeni daemon”=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2 .lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
OpenOffice.org 3.3 .lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
“AppInit_DLLs”=“ ”
C:\Windows\system32\igfxdev.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“SecurityProviders”=credssp.dll
“LogonHoursAction”=2
“DontDisplayLogonHoursWarnings”=1
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoDriveTypeAutoRun”=145
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“vidc.uyvy”=msyuv.dll
“vidc.yuy2”=msyuv.dll
“vidc.yvyu”=msyuv.dll
“vidc.iyuv”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“vidc.yvu9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux1”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2014-01-12 15:18:14 ----D---- C:\Program Files\trend micro
2014-01-12 15:18:13 ----D---- C:\rsit
2014-01-12 12:50:35 ----D---- C:\Users\Eigenaar\AppData\Roaming\Malwarebytes
2014-01-12 12:49:33 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-12 12:25:02 ----D---- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-12 12:16:05 ----A---- C:\autoexec.bat
2014-01-12 12:15:19 ----D---- C:\Program Files\Enigma Software Group
2014-01-12 11:53:25 ----SHD---- C:\Config.Msi
2014-01-12 11:23:17 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-01-12 11:22:37 ----D---- C:\Program Files (x86)\Registry Dr
2014-01-12 11:19:06 ----D---- C:\Program Files (x86)\Mobogenie
2014-01-12 11:18:43 ----D---- C:\ProgramData\IePluginService
2014-01-12 11:18:41 ----D---- C:\Program Files (x86)\SupTab
2014-01-12 11:18:33 ----D---- C:\ProgramData\WPM
2014-01-12 09:37:45 ----D---- C:\Program Files (x86)\Bench
2014-01-12 09:34:26 ----D---- C:\Users\Eigenaar\AppData\Roaming\uTorrent
2014-01-11 16:31:09 ----A---- C:\ScrubRetValFile.txt
2014-01-09 15:17:09 ----D---- C:\Program Files (x86)\InstantPhotoSketch
2013-12-20 15:09:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-01-12 15:18:15 ----D---- C:\Windows\Temp
2014-01-12 15:18:14 ----RD---- C:\Program Files
2014-01-12 15:14:20 ----D---- C:\Program Files (x86)
2014-01-12 15:14:02 ----HD---- C:\ProgramData
2014-01-12 15:12:07 ----D---- C:\Users\Eigenaar\AppData\Roaming\Spotify
2014-01-12 15:08:10 ----D---- C:\Windows\system32\config
2014-01-12 14:48:32 ----D---- C:\Program Files (x86)\FunWebProducts
2014-01-12 14:48:12 ----D---- C:\Windows\system32\Tasks
2014-01-12 14:48:06 ----D---- C:\Windows\Tasks
2014-01-12 14:48:05 ----D---- C:\Users\Eigenaar\AppData\Roaming\Papevo
2014-01-12 12:49:34 ----D---- C:\Windows\system32\drivers
2014-01-12 12:36:50 ----D---- C:\Program Files (x86)\iMesh Applications
2014-01-12 12:32:40 ----SHD---- C:\Windows\Installer
2014-01-12 12:25:02 ----D---- C:\Windows
2014-01-12 12:14:56 ----D---- C:\Program Files (x86)\Common Files
2014-01-12 11:53:30 ----D---- C:\Windows\SysWOW64
2014-01-12 11:53:30 ----D---- C:\Windows\System32
2014-01-12 11:41:00 ----D---- C:\ProgramData\Tarma Installer
2014-01-12 11:39:10 ----D---- C:\Windows\Prefetch
2014-01-12 11:29:12 ----D---- C:\Program Files (x86)\Winamp
2014-01-12 09:38:04 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-01-11 16:53:25 ----D---- C:\Users\Eigenaar\AppData\Roaming\SoftGrid Client
2014-01-11 14:34:52 ----SD---- C:\Users\Eigenaar\AppData\Roaming\Microsoft
2014-01-09 15:17:56 ----D---- C:\Windows\winsxs
2014-01-07 19:38:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-07 19:38:43 ----D---- C:\Windows\inf
2013-12-22 13:06:19 ----D---- C:\ProgramData\tmp
2013-12-21 13:55:59 ----D---- C:\Windows\system32\NDF
2013-12-21 05:54:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 23:51:19 ----D---- C:\Windows\system32\catroot2
2013-12-16 17:54:12 ----D---- C:\Windows\system32\MRT
2013-12-16 00:49:39 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys
R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys
S3 usbbus;LGE CDMA Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys
S3 UsbDiag;LGE CDMA USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys
S3 USBModem;LGE CDMA USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
R2 GfKLSPService;GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
S2 .EsetTrialReset;Eset Trial Reset; C:\Windows\system32\regedt32.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
-----------------EOF-----------------