Logfile of random's system information tool 1.09 (written by random/random) Run by Silverwing at 2013-10-23 11:33:23 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 30 GB (39%) free of 76 GB Total RAM: 4095 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:33:30, on 23/10/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Silverwing.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.mg1.mail.yahoo.com/dc/launch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - 
C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1885161628-3878894116-3605217538-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1885161628-3878894116-3605217538-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - 
Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service 
(MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 
2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9042 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch 
"C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe" "taskhost.exe" "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" C:\Windows\Explorer.EXE C:\Windows\SysWOW64\srvany.exe "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" \??\C:\Windows\system32\conhost.exe "846859521563606614-1095859680-1560843163-50696466943633275209494298-1319944729 "C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe" "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1956 "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:1852 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice "C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"H:\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Silverwing\AppData\Roaming\Mozilla\Firefox\Profiles\dgxhhpxj.default prefs.js - "browser.search.useDBForOrder" - true https://dub125.mail.live.com/default.aspx?id=64855&rru=inbox|http://www.hln.be/" prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi] "Description"=ZoneAlarm LTD Toolbar Api "Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF] "Description"=NitroPDF Web Browser Plugin "Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@zylom.com/ZylomGamesPlayer] "Description"=Zylom Games Player 1.00 "Path"=C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect] "Description"= "Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll C:\Users\Silverwing\AppData\Roaming\Mozilla\Firefox\Profiles\dgxhhpxj.default\extensions\ en-US@dictionaries.addons.mozilla.org ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-09 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-09-26 336952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] Adblock Plus for IE Browser Helper Object - C:\Program 
Files\Adblock Plus for IE\AdblockPlus64.dll [2013-08-13 506632] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-09-26 277560] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-08-13 441608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-12-21 6326448] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\AdobeAAMUpdater-1.0] c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe [2012-09-20 444904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2013-03-27 1098072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-09-04 1564528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Silverwing^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk] C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-03-09 6669000] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] 
"ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of 
files/folders created in the last 1 month====== 2013-10-23 11:33:23 ----D---- C:\rsit 2013-10-21 20:38:16 ----A---- C:\Windows\ntbtlog.txt 2013-10-21 20:23:09 ----D---- C:\ProgramData\Oracle 2013-10-21 20:23:05 ----A---- C:\Windows\SYSWOW64\javaws.exe 2013-10-21 20:23:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll 2013-10-21 20:23:01 ----A---- C:\Windows\SYSWOW64\javaw.exe 2013-10-21 20:23:01 ----A---- C:\Windows\SYSWOW64\java.exe 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbohci.sys 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-10-10 10:00:06 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2013-10-10 09:37:53 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-10-10 09:37:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-10-10 09:37:52 ----A---- C:\Windows\system32\ieui.dll 2013-10-10 09:37:51 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-10-10 09:37:51 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-10 09:37:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-10 09:37:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-10-10 09:37:51 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-10 09:37:51 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-10 09:37:51 ----A---- C:\Windows\system32\iesetup.dll 2013-10-10 09:37:51 ----A---- C:\Windows\system32\iertutil.dll 2013-10-10 09:37:51 ----A---- C:\Windows\system32\iernonce.dll 2013-10-10 09:37:51 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-10 09:37:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-10 09:37:50 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-10 09:37:50 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-10 09:37:50 ----A---- 
C:\Windows\system32\jscript.dll 2013-10-10 09:37:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-10 09:37:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-10 09:37:49 ----A---- C:\Windows\system32\jscript9.dll 2013-10-10 09:37:48 ----A---- C:\Windows\system32\urlmon.dll 2013-10-10 09:37:47 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-10 09:37:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-10 09:37:47 ----A---- C:\Windows\system32\wininet.dll 2013-10-10 09:37:47 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-10 09:37:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-10 09:37:46 ----A---- C:\Windows\system32\ieframe.dll 2013-10-10 09:37:44 ----A---- C:\Windows\system32\mshtml.dll 2013-10-10 09:37:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-10 09:33:32 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-10 09:33:32 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-10 09:33:32 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-10 09:33:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-10 09:33:32 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-10 09:33:32 ----A---- C:\Windows\system32\davclnt.dll 2013-10-10 09:33:31 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-10 09:33:31 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-10 09:33:31 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-10 09:33:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-10 09:33:31 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-10 09:33:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-10 09:33:31 ----A---- C:\Windows\system32\lpk.dll 2013-10-10 09:33:31 ----A---- C:\Windows\system32\fontsub.dll 2013-10-10 09:33:31 ----A---- C:\Windows\system32\dciman32.dll 2013-10-10 09:33:31 ----A---- C:\Windows\system32\comctl32.dll 2013-10-10 09:33:31 ----A---- C:\Windows\system32\atmlib.dll 2013-10-10 09:33:31 ----A---- C:\Windows\system32\atmfd.dll 2013-10-10 09:33:30 ----A---- C:\Windows\system32\drivers\usbscan.sys 2013-10-10 09:33:30 ----A---- 
C:\Windows\system32\drivers\usbcir.sys 2013-10-10 09:33:30 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-10 09:33:30 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-10 09:33:29 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-10 09:33:29 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-10 09:33:29 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-10 09:33:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-10 09:33:29 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-10 09:33:29 ----A---- C:\Windows\system32\tdh.dll 2013-10-10 09:33:29 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-10 09:33:29 ----A---- C:\Windows\system32\ntdll.dll 2013-10-10 09:33:29 ----A---- C:\Windows\system32\advapi32.dll 2013-10-10 09:33:28 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-10 09:33:28 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-10 09:33:28 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-10 09:33:28 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-10 09:33:28 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-10 09:33:28 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-10 09:33:28 ----A---- C:\Windows\system32\wow64.dll 2013-10-10 09:33:28 ----A---- C:\Windows\system32\mswsock.dll 2013-10-10 09:33:28 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-10 09:33:28 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-10 09:33:26 ----A---- C:\Windows\system32\scavengeui.dll 2013-10-10 09:33:24 ----A---- C:\Windows\system32\win32k.sys 2013-10-10 09:33:23 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 09:33:23 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 09:32:56 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-06 13:41:31 ----D---- C:\Program Files (x86)\Gabest 2013-10-05 14:58:35 ----D---- C:\Users\Silverwing\AppData\Roaming\WinAVI 2013-10-01 16:01:03 ----D---- C:\Users\Silverwing\AppData\Roaming\vlc 2013-10-01 15:30:31 ----D---- 
C:\Users\Silverwing\AppData\Roaming\DVDVideoSoftIEHelpers
2013-10-01 15:30:11 ----D---- C:\Users\Silverwing\AppData\Roaming\DVDVideoSoft
2013-10-01 15:30:11 ----D---- C:\Program Files (x86)\DVDVideoSoft
2013-10-01 13:40:49 ----A---- C:\Windows\SYSWOW64\Partizan.exe
2013-10-01 13:23:45 ----D---- C:\Users\Silverwing\AppData\Roaming\SuperMP3Download
2013-10-01 13:23:45 ----D---- C:\ProgramData\SuperMP3Download
2013-10-01 13:20:47 ----D---- C:\Program Files (x86)\SuperMp3Download
2013-10-01 13:19:22 ----A---- C:\Windows\SYSWOW64\PARTIZAN.TXT
2013-10-01 13:16:43 ----A---- C:\Windows\system32\Partizan.exe
2013-10-01 13:09:53 ----A---- C:\Windows\SYSWOW64\drivers\Partizan.sys
2013-10-01 13:06:52 ----RASHOT---- C:\Windows\winstart.bat
2013-10-01 13:06:49 ----A---- C:\Windows\SYSWOW64\drivers\UnHackMeDrv.sys
2013-10-01 11:05:15 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-10-23 11:33:28 ----D---- C:\Program Files\trend micro
2013-10-23 11:32:26 ----D---- C:\Windows\Temp
2013-10-23 10:10:12 ----D---- C:\Windows\System32
2013-10-23 10:10:12 ----D---- C:\Windows\inf
2013-10-23 10:10:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-23 10:06:00 ----D---- C:\ProgramData\NVIDIA
2013-10-23 09:22:38 ----D---- C:\Windows\system32\config
2013-10-23 09:19:32 ----D---- C:\Windows
2013-10-22 17:37:39 ----D---- C:\Users\Silverwing\AppData\Roaming\Nitro PDF
2013-10-21 20:23:09 ----HD---- C:\ProgramData
2013-10-21 20:23:06 ----SHD---- C:\Windows\Installer
2013-10-21 20:23:05 ----D---- C:\Windows\SysWOW64
2013-10-21 20:23:01 ----D---- C:\Program Files (x86)\Java
2013-10-21 20:22:26 ----SHD---- C:\System Volume Information
2013-10-21 20:17:44 ----RD---- C:\Program Files (x86)
2013-10-21 19:57:22 ----D---- C:\Windows\Tasks
2013-10-21 19:57:22 ----D---- C:\Windows\system32\wfp
2013-10-21 19:57:21 ----D---- C:\Windows\system32\wbem
2013-10-21 19:55:32 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-21 19:55:32 ----D---- C:\Windows\system32\DriverStore
2013-10-21 19:55:32 ----D---- C:\Windows\system32\drivers
2013-10-21 19:55:32 ----D---- C:\Windows\system32\catroot2
2013-10-21 19:55:31 ----D---- C:\Windows\AppCompat
2013-10-21 19:55:31 ----D---- C:\Users\Silverwing\AppData\Roaming\Winamp
2013-10-21 19:55:30 ----D---- C:\Windows\registration
2013-10-21 19:55:19 ----D---- C:\ProgramData\VSO
2013-10-21 13:41:02 ----D---- C:\Windows\Panther
2013-10-21 13:41:01 ----D---- C:\Windows\debug
2013-10-10 10:50:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-10 10:38:30 ----D---- C:\Windows\rescache
2013-10-10 10:08:35 ----D---- C:\Windows\Microsoft.NET
2013-10-10 10:07:55 ----RSD---- C:\Windows\assembly
2013-10-10 10:02:39 ----D---- C:\Windows\winsxs
2013-10-10 09:59:58 ----D---- C:\Windows\system32\catroot
2013-10-10 09:49:00 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-10 09:48:59 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 09:47:57 ----D---- C:\Windows\AppPatch
2013-10-10 09:47:57 ----D---- C:\Program Files\Internet Explorer
2013-10-10 09:47:57 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-10 09:41:53 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-10 09:41:14 ----D---- C:\ProgramData\Microsoft Help
2013-10-10 09:40:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-10 09:40:28 ----D---- C:\temp
2013-10-10 09:35:48 ----D---- C:\Windows\system32\MRT
2013-10-10 09:34:22 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 09:34:06 ----D---- C:\Windows\system32\nl-NL
2013-10-10 09:34:06 ----D---- C:\Windows\system32\en-US
2013-10-05 14:49:29 ----D---- C:\Program Files (x86)\WinAVI
2013-10-01 16:00:18 ----D---- C:\Program Files (x86)\VideoLAN
2013-10-01 13:40:50 ----D---- C:\Windows\system32\Tasks
2013-10-01 13:19:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-30 20:37:10 ----AD---- C:\ProgramData\TEMP
2013-09-30 13:18:04 ----RD---- C:\Program Files
2013-09-24 16:41:24 ----D---- C:\Users\Silverwing\AppData\Roaming\Mipony
2013-09-24 08:21:45 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_xata;amd_xata; C:\Windows\system32\drivers\amd_xata.sys [2012-04-11 42624]
R0 DC3410;DC3410; C:\Windows\system32\drivers\DC3410.sys [2011-05-02 48328]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-12-21 57904]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2012-06-29 26072]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 mv61xx;mv61xx; C:\Windows\system32\drivers\mv61xx.sys [2012-05-23 183144]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\drivers\SiWinAcc.sys [2007-10-03 22056]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\drivers\SiRemFil.sys [2007-10-03 17448]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-12-21 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-12-21 150616]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-12-21 59440]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-12-21 190232]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-27 4120464]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2010-03-29 64040]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-17 196384]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 2310_00;2310_00; C:\Windows\system32\drivers\2310_00.sys [2009-06-12 170528]
S3 272x_1x;272x_1x; C:\Windows\system32\drivers\272x_1x.sys [2012-04-24 612672]
S3 274x_3x;274x_3x; C:\Windows\system32\drivers\274x_3x.sys [2012-04-24 240960]
S3 ahcix64s;ahcix64s; C:\Windows\system32\drivers\ahcix64s.sys [2011-12-29 292136]
S3 amd_sata;amd_sata; C:\Windows\system32\drivers\amd_sata.sys [2012-04-11 82560]
S3 arcm_a64;arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [2009-11-09 52768]
S3 asahci64;asahci64; C:\Windows\system32\drivers\asahci64.sys [2012-01-06 49760]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-09-05 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-09-05 80384]
S3 cpuz135;cpuz135; \??\C:\Users\SILVER~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
S3 DC133;DC133; C:\Windows\system32\drivers\DC133.sys [2011-05-02 39320]
S3 DC150;DC150; C:\Windows\system32\drivers\DC150.sys [2011-05-02 39832]
S3 DC154;DC154; C:\Windows\system32\drivers\DC154.sys [2011-05-02 48136]
S3 DC300e;DC300e; C:\Windows\system32\drivers\DC300e.sys [2011-05-02 40344]
S3 DC324e;DC324e; C:\Windows\system32\drivers\DC324e.sys [2011-05-02 49752]
S3 DC4300;DC4300; C:\Windows\system32\drivers\DC4300.sys [2011-05-02 48360]
S3 DC600e;DC600e; C:\Windows\system32\drivers\DC600e.sys [2011-05-02 40744]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-21 103448]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-03-20 37344]
S3 hptiop;hptiop; C:\Windows\system32\drivers\hptiop.sys [2009-05-25 17440]
S3 hptmv;hptmv; C:\Windows\system32\drivers\hptmv.sys [2006-09-18 93472]
S3 hptmv6;hptmv6; C:\Windows\system32\drivers\hptmv6.sys [2007-11-01 152096]
S3 iaStor;iaStor; C:\Windows\system32\drivers\iaStor.sys [2011-10-17 559384]
S3 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2012-06-21 578008]
S3 iaStorS;iaStorS; C:\Windows\system32\drivers\iaStorS.sys [2012-06-29 651224]
S3 iteatapi;iteatapi; C:\Windows\system32\drivers\iteatapi.sys [2008-05-14 38680]
S3 iteraid;iteraid; C:\Windows\system32\drivers\iteraid.sys [2007-05-02 32768]
S3 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2011-05-19 120920]
S3 megasas2;megasas2; C:\Windows\system32\drivers\megasas2.sys [2012-02-28 51496]
S3 megasr1;megasr1; C:\Windows\system32\drivers\MegaSR1.sys [2009-04-16 461320]
S3 mv91cons;mv91cons; C:\Windows\system32\drivers\mv91cons.sys [2012-02-23 27440]
S3 mvs91xx;mvs91xx; C:\Windows\system32\drivers\mvs91xx.sys [2012-02-23 317744]
S3 nvrd64;nvrd64; C:\Windows\system32\drivers\nvrd64.sys [2010-04-09 175720]
S3 nvstor64;nvstor64; C:\Windows\system32\drivers\nvstor64.sys [2010-04-09 244328]
S3 Pnp680;Pnp680; C:\Windows\system32\drivers\pnp680.sys [2007-11-13 80424]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 rr172x;rr172x; C:\Windows\system32\drivers\rr172x.sys [2007-11-01 124448]
S3 rr174x;rr174x; C:\Windows\system32\drivers\rr174x.sys [2007-11-01 159264]
S3 rr2210;rr2210; C:\Windows\system32\drivers\rr2210.sys [2007-11-01 153632]
S3 rr232x;rr232x; C:\Windows\system32\drivers\rr232x.sys [2008-05-05 152096]
S3 rr2340;rr2340; C:\Windows\system32\drivers\rr2340.sys [2009-12-31 162400]
S3 rr2522;rr2522; C:\Windows\system32\drivers\rr2522.sys [2009-12-31 168032]
S3 rr276x;rr276x; C:\Windows\system32\drivers\rr276x.sys [2012-04-24 241472]
S3 rr278x;rr278x; C:\Windows\system32\drivers\rr278x.sys [2012-04-24 240960]
S3 rr62x;rr62x; C:\Windows\system32\drivers\rr62x.sys [2010-06-16 156256]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SI3112r;SI3112r; C:\Windows\system32\drivers\SI3112r.sys [2007-02-01 164656]
S3 SI3114;SI3114; C:\Windows\system32\drivers\SI3114.sys [2006-11-10 99120]
S3 SI3114r;SI3114r; C:\Windows\system32\drivers\SI3114R.sys [2007-04-11 163632]
S3 SI3124;SI3124; C:\Windows\system32\drivers\SI3124.sys [2006-11-02 113456]
S3 Si3124r5;Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [2006-09-20 334640]
S3 SI3132;SI3132; C:\Windows\system32\drivers\SI3132.sys [2007-10-03 90664]
S3 Si3531;Si3531; C:\Windows\system32\drivers\Si3531.sys [2009-02-09 333864]
S3 speccy;speccy; \??\C:\Users\SILVER~1\AppData\Local\Temp\93512d70-cc07-43ad-a662-6f1a8ccb06c0 []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-21 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viamrx64;viamrx64; C:\Windows\system32\drivers\viamrx64.sys [2010-12-02 161904]
S3 videX64;videX64; C:\Windows\system32\drivers\videX64.sys [2010-02-11 15000]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vmci;vmci; C:\Windows\system32\drivers\vmci.sys [2012-01-17 116336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2013-03-07 67584]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-03-25 230408]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-17 1364256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-10-08 2365792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 50921648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------