I have a friend's laptop here, and she is having some problems with it. The Google Chrome icon looks strange.
Saving Word documents doesn't work. I keep getting the message that there is insufficient memory, but there is enough space on the hard disk.
Images from the internet cannot be saved; you then get the message that C:/Windows/system32/config/systemprofile/Desktop refers to a location that is not accessible.
Below are the logs.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 12-5-2014
Scan Time: 20:24:24
Logfile: mbamlog.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.05.12.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Rochelle
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 287312
Time Elapsed: 18 min, 8 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 16
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , ,
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , ,
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, , ,
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, , ,
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , ,
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , ,
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , ,
PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\WOW6432NODE\SOFTWAREUPDATER, , ,
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , ,
PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , ,
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, , ,
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , ,
PUP.Optional.DataMngr.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , ,
PUP.Optional.DataMngr.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , ,
PUP.Optional.Babylon.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , ,
PUP.Optional.SweetIM.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.BAK-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , ,
Registry Values: 3
PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\WOW6432NODE\SOFTWAREUPDATER|partner_keyword, ALLFILEWINCOM, ,
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 11111111, ,
PUP.Optional.SweetIM.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 11111111, ,
Registry Data: 1
PUP.Optional.StartPage, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=786E4C72B90DBB2B&affID=121136&tsp=4960, Good: (http://www.google.com), Bad: (http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=786E4C72B90DBB2B&affID=121136&tsp=4960),,
Folders: 3
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater, , ,
PUP.Optional.PutLocker.A, C:\Program Files (x86)\PutLockerDownloader, , ,
PUP.Optional.PutLockerDownloader.A, C:\Program Files (x86)\PutLockerDownloader.com, , ,
Files: 11
Trojan.ELEX, C:\Users\Rochelle\Downloads\yet_another_cleaner.exe, , ,
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\KeyGen.dll, , ,
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe, , ,
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.config, , ,
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\config.xml, , ,
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\Interop.Shell32.dll, , ,
PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\translations.xml, , ,
PUP.Optional.BrowserDefender.A, C:\Users\Rochelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage, , ,
PUP.Optional.PutLocker.A, C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx, , ,
PUP.Optional.PutLockerDownloader.A, C:\Program Files (x86)\PutLockerDownloader.com\PTLextsetup.exe, , ,
PUP.Optional.PutLockerDownloader.A, C:\Program Files (x86)\PutLockerDownloader.com\PutLockerDownloader.exe, , ,
Physical Sectors: 0
(No malicious items detected)
(end)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Rochelle at 2014-05-12 20:33:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 130 GB (65%) free of 200 GB
Total RAM: 5980 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:33:46, on 12-5-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Rochelle.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY
O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe” /s
O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Nation toolbar\vprot.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\RunOnce: “C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe” “C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - HKCU\..\Run: “C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Rochelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 9778 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=eac3a802-3c0c-4f6f-9338-195854b0f07b /coreSdkOptions=4382 /logConfFile=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\fb7e9671-0308-4809-b5ca-c83c54ef5914-1dc-oopp.tmp” /loggerName=AVG.RS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2014\” /tempPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\” /logPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\”
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe”
“C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe”
“C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe” /service
“C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe” /service
“C:\Program Files (x86)\Launch Manager\dsiwmis.exe”
“C:\Program Files (x86)\Launch Manager\LMutilps32.exe” –system-level-mutex=“Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}” –enable-wmi-window
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe”
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
WLIDSvcM.exe 1284
“C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe” 72648 “C:\ProgramData\AVG Secure Search\Logger\logger.properties”
\??\C:\Windows\system32\conhost.exe "-1229512238-1289935368549670463631783624-1502201531-1258674192-1221229926-573990625
“C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe”
“C:\Program Files (x86)\AVG\AVG2014\avgemca.exe”
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“taskhost.exe”
“C:\Windows\system32\Dwm.exe”
C:\Windows\Explorer.EXE
“C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe”
“C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe”
C:\Windows\system32\SearchIndexer.exe /Embedding
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”
“C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe”
“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”
“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=gpu-process –channel=“4032.0.348586318\1308466720” –disable-d3d11 –supports-dual-gpus=false –gpu-driver-bug-workarounds=0,1,5,14,28 –disable-accelerated-video-decode –gpu-vendor-id=0x8086 –gpu-device-id=0x0106 –gpu-driver-vendor=“Intel Corporation” –gpu-driver-version=8.15.10.2653 –ignored=“ –type=renderer ” /prefetch:822062411
“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=renderer –lang=nl –force-fieldtrials=“AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/PrePeriod_Hivemind_A3_Stable_R5/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/” –renderer-print-preview –enable-threaded-compositing –enable-delegated-renderer –enable-deadline-scheduling –disable-accelerated-video-decode –enable-software-compositing –channel=“4032.3.345481757\255951027” /prefetch:673131151
C:\Windows\system32\svchost.exe -k SDRSVC
“C:\Windows\system32\config\systemprofile\Desktop\RSITx64 (1).exe”
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4247244868-4280345956-1845474204-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4247244868-4280345956-1845474204-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Rochelle.job
======Registry dump======
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
AVG Nation toolbar - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Nation toolbar - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“Persistence”=C:\Windows\system32\igfxpers.exe
“*Restore”=C:\Windows\System32\rstrui.exe
“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe
“Spotify”=C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Spotify.exe
“Spotify Web Helper”=C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
“USB3MON”=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
“AVG_UI”=C:\Program Files (x86)\AVG\AVG2014\avgui.exe
“IAStorIcon”=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
“LManager”=C:\Program Files (x86)\Launch Manager\LManager.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“YouCam Service”=C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
“vProt”=C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
“SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
“Malwarebytes Anti-Malware (cleanup)”=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
C:\Windows\system32\igfxdev.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=0
“ConsentPromptBehaviorUser”=3
“EnableLUA”=0
“EnableUIADesktopToggle”=0
“PromptOnSecureDesktop”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoDriveTypeAutoRun”=145
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux1”=wdmaud.drv
“MSVideo8”=VfWWDM32.dll
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 3 months======
2014-05-12 20:33:41 —-D—- C:\Program Files\trend micro
2014-05-12 20:33:40 —-D—- C:\rsit
2014-05-12 20:26:03 —-A—- C:\Windows\system32\drivers\wbelkjxi.sys
2014-05-12 20:04:57 —-A—- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-05-12 20:04:19 —-D—- C:\ProgramData\Malwarebytes
2014-05-12 20:04:19 —-D—- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-12 20:04:19 —-A—- C:\Windows\system32\drivers\mwac.sys
2014-05-12 20:04:19 —-A—- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-12 20:04:19 —-A—- C:\Windows\system32\drivers\mbam.sys
2014-05-06 20:54:12 —-SD—- C:\Windows\system32\CompatTel
2014-05-06 15:52:16 —-A—- C:\Windows\system32\aepdu.dll
2014-05-06 15:52:16 —-A—- C:\Windows\system32\aeinv.dll
2014-05-03 21:16:01 —-A—- C:\Windows\system32\mshtml.dll
2014-05-03 21:15:59 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2014-04-28 18:38:26 —-D—- C:\ProgramData\AVG Secure Search
2014-04-18 18:10:28 —-D—- C:\ProgramData\Oracle
2014-04-18 18:10:16 —-A—- C:\Windows\SYSWOW64\javaws.exe
2014-04-18 18:10:11 —-A—- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-04-18 18:10:11 —-A—- C:\Windows\SYSWOW64\java.exe
2014-04-18 17:35:12 —-A—- C:\Windows\SYSWOW64\ieui.dll
2014-04-18 17:35:12 —-A—- C:\Windows\system32\ieui.dll
2014-04-18 17:35:08 —-A—- C:\Windows\SYSWOW64\vbscript.dll
2014-04-18 17:35:08 —-A—- C:\Windows\system32\vbscript.dll
2014-04-18 17:35:04 —-A—- C:\Windows\system32\iernonce.dll
2014-04-18 17:35:04 —-A—- C:\Windows\system32\ie4uinit.exe
2014-04-18 17:35:03 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-18 17:35:03 —-A—- C:\Windows\system32\ieetwcollectorres.dll
2014-04-18 17:35:02 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-18 17:35:02 —-A—- C:\Windows\system32\jscript9diag.dll
2014-04-18 17:35:02 —-A—- C:\Windows\system32\dxtrans.dll
2014-04-18 17:35:02 —-A—- C:\Windows\system32\dxtmsft.dll
2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\msrating.dll
2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-18 17:35:01 —-A—- C:\Windows\system32\msrating.dll
2014-04-18 17:35:01 —-A—- C:\Windows\system32\msfeeds.dll
2014-04-18 17:35:01 —-A—- C:\Windows\system32\jsproxy.dll
2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2014-04-18 17:35:00 —-A—- C:\Windows\system32\ieUnatt.exe
2014-04-18 17:35:00 —-A—- C:\Windows\system32\iesetup.dll
2014-04-18 17:34:57 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-18 17:34:57 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-18 17:34:56 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-18 17:34:56 —-A—- C:\Windows\system32\ieetwproxystub.dll
2014-04-18 17:34:56 —-A—- C:\Windows\system32\ieetwcollector.exe
2014-04-18 17:34:56 —-A—- C:\Windows\system32\ieapfltr.dll
2014-04-18 17:34:55 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-18 17:34:54 —-A—- C:\Windows\SYSWOW64\wininet.dll
2014-04-18 17:34:54 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2014-04-18 17:34:54 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2014-04-18 17:34:54 —-A—- C:\Windows\system32\wininet.dll
2014-04-18 17:34:54 —-A—- C:\Windows\system32\urlmon.dll
2014-04-18 17:34:54 —-A—- C:\Windows\system32\iertutil.dll
2014-04-18 17:34:53 —-A—- C:\Windows\system32\ieframe.dll
2014-04-18 17:34:52 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2014-04-18 17:34:51 —-A—- C:\Windows\system32\jscript9.dll
2014-04-18 17:34:50 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2014-04-18 15:01:56 —-A—- C:\Windows\system32\drivers\avgidsdrivera.sys
2014-04-17 17:24:18 —-D—- C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe
2014-04-17 17:24:02 —-D—- C:\Windows\system32\config\systemprofile\AppData\Roaming\Identities
2014-04-10 18:00:38 —-A—- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-10 18:00:38 —-A—- C:\Windows\system32\iologmsg.dll
2014-04-10 18:00:38 —-A—- C:\Windows\system32\drivers\storport.sys
2014-04-10 18:00:38 —-A—- C:\Windows\system32\drivers\msiscsi.sys
2014-04-10 18:00:38 —-A—- C:\Windows\system32\drivers\Diskdump.sys
2014-04-10 18:00:36 —-A—- C:\Windows\SYSWOW64\setup16.exe
2014-04-10 18:00:36 —-A—- C:\Windows\SYSWOW64\kernel32.dll
2014-04-10 18:00:36 —-A—- C:\Windows\system32\wow64win.dll
2014-04-10 18:00:36 —-A—- C:\Windows\system32\wow64.dll
2014-04-10 18:00:36 —-A—- C:\Windows\system32\kernel32.dll
2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\wow32.dll
2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\user.exe
2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\instnm.exe
2014-04-10 18:00:35 —-A—- C:\Windows\system32\wow64cpu.dll
2014-04-10 18:00:35 —-A—- C:\Windows\system32\ntvdm64.dll
2014-04-10 18:00:35 —-A—- C:\Windows\system32\drivers\ntfs.sys
2014-03-31 16:20:54 —-A—- C:\Windows\system32\drivers\avgtdia.sys
2014-03-31 16:06:26 —-A—- C:\Windows\system32\drivers\avgmfx64.sys
2014-03-27 22:14:26 —-A—- C:\Windows\system32\drivers\avgidsha.sys
2014-03-27 22:14:24 —-A—- C:\Windows\system32\drivers\avgdiska.sys
2014-03-27 22:07:10 —-A—- C:\Windows\system32\drivers\avgldx64.sys
2014-03-27 22:05:02 —-A—- C:\Windows\system32\drivers\avgloga.sys
2014-03-27 22:03:16 —-A—- C:\Windows\system32\drivers\avgrkx64.sys
2014-03-16 19:08:20 —-A—- C:\Windows\system32\wwansvc.dll
2014-03-16 19:08:20 —-A—- C:\Windows\system32\wer.dll
2014-03-16 19:08:19 —-A—- C:\Windows\SYSWOW64\wer.dll
2014-03-16 19:08:19 —-A—- C:\Windows\system32\win32k.sys
2014-03-16 19:07:38 —-A—- C:\Windows\SYSWOW64\qedit.dll
2014-03-16 19:07:38 —-A—- C:\Windows\system32\qedit.dll
2014-03-16 19:07:37 —-A—- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-16 19:07:37 —-A—- C:\Windows\system32\WindowsCodecs.dll
2014-02-27 04:13:38 —-D—- C:\Windows\Migration
======List of files/folders modified in the last 3 months======
2014-05-12 20:33:41 ----RD---- C:\Program Files
2014-05-12 20:26:44 ----D---- C:\Windows\Temp
2014-05-12 20:26:03 ----D---- C:\Windows\system32\drivers
2014-05-12 20:26:03 ----D---- C:\Windows\ehome
2014-05-12 20:26:02 ----RD---- C:\Program Files (x86)
2014-05-12 20:11:26 ----D---- C:\Windows\system32\config
2014-05-12 20:04:19 ----HD---- C:\ProgramData
2014-05-12 19:56:07 ----D---- C:\Windows\system32\wbem
2014-05-12 19:56:07 ----D---- C:\Windows
2014-05-12 19:54:36 ----D---- C:\Program Files (x86)\AVG Nation toolbar
2014-05-12 19:54:33 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-12 19:54:31 ----D---- C:\Program Files\Internet Explorer
2014-05-12 19:54:30 ----D---- C:\ProgramData\MFAData
2014-05-12 19:54:22 ----D---- C:\Windows\AppPatch
2014-05-12 19:54:18 ----D---- C:\Windows\inf
2014-05-12 19:54:17 ----SHD---- C:\Windows\Installer
2014-05-12 19:54:16 ----D---- C:\Windows\PolicyDefinitions
2014-05-12 19:54:15 ----D---- C:\Windows\SYSWOW64\cache
2014-05-12 19:54:15 ----D---- C:\Windows\system32\Tasks
2014-05-12 19:54:15 ----D---- C:\Windows\system32\nl-NL
2014-05-12 19:54:15 ----D---- C:\Windows\system32\en-US
2014-05-12 19:54:15 ----D---- C:\Windows\system32\DriverStore
2014-05-12 19:54:15 ----D---- C:\Windows\system32\CodeIntegrity
2014-05-12 19:54:15 ----D---- C:\Windows\system32\catroot2
2014-05-12 19:54:15 ----D---- C:\Windows\System32
2014-05-12 19:53:34 ----D---- C:\Windows\SYSWOW64\en-US
2014-05-12 19:53:34 ----D---- C:\Windows\SysWOW64
2014-05-12 19:53:33 ----D---- C:\Windows\winsxs
2014-05-12 19:53:33 ----D---- C:\Windows\Tasks
2014-05-12 19:53:33 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-05-12 19:53:15 ----D---- C:\Windows\registration
2014-05-12 19:48:28 ----SHD---- C:\System Volume Information
2014-05-06 15:47:44 ----D---- C:\Windows\system32\catroot
2014-04-18 18:10:22 ----D---- C:\Program Files (x86)\Common Files
2014-04-18 18:10:11 ----D---- C:\Program Files (x86)\Java
2014-04-17 17:51:12 ----RD---- C:\Program Files (x86)\Skype
2014-04-17 17:24:11 ----SD---- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft
2014-04-16 19:49:27 ----D---- C:\Users
2014-04-11 18:24:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-11 18:03:04 ----D---- C:\ProgramData\Microsoft Help
2014-04-11 18:02:10 ----D---- C:\Windows\system32\MRT
2014-04-11 18:00:12 ----A---- C:\Windows\system32\MRT.exe
2014-03-17 17:41:55 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-17 17:41:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-11 20:09:32 ----D---- C:\ProgramData\Skype
2014-03-06 22:31:32 ----D---- C:\Windows\system32\NDF
2014-03-02 17:37:01 ----D---- C:\Windows\Microsoft.NET
2014-03-02 14:24:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-27 19:26:08 ----RSD---- C:\Windows\assembly
2014-02-27 04:13:38 ----SD---- C:\ProgramData\Microsoft
2014-02-26 18:07:55 ----D---- C:\Program Files (x86)\Electronic Arts
2014-02-26 18:07:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-02-24 17:34:04 ----HD---- C:\$AVG
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys
R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x64.sys
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys
S0 nkhwl;nkhwl; C:\Windows\System32\drivers\wbelkjxi.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
R2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
-----------------EOF-----------------