Logfile of random's system information tool 1.10 (written by random/random)
Run by Maarten at 2015-01-15 19:31:16
Microsoft Windows 8.1
System drive C: has 54 GB (48%) free of 114 GB
Total RAM: 8072 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:25, on 15/01/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Program Files (x86)\Roxio 2012\Roxio Burn\Roxio Burn.exe
C:\Users\Maarten\AppData\Roaming\Telegram Desktop\Telegram.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Maarten.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKCU\..\Run: [DYMOQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12601 bytes

======Listing Processes======

wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe"
taskhostex.exe
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\diMaster.dll" /prefetch:1
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\diMaster.dll" /prefetch:1
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe" /c /a /s UserSession
"C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe" /c /a /s UserSession
dashost.exe {36604bc5-6eaa-4580-bb06adebbab130c1}
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
"C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\WINDOWS\system32\igfxext.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\Program Files (x86)\Roxio 2012\Roxio Burn\Roxio Burn.exe" E:
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Users\Maarten\AppData\Roaming\Telegram Desktop\Telegram.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-34a269f7-7249-4e1c-9837-32e5dc5c77b9 -SystemEventPortName:HostProcess-6ed0ebe7-2531-4492-9544-adaeea2d01ae -IoCancelEventPortName:HostProcess-93a34d42-cc4f-4fd6-ac09-d75c16fe3eef -NonStateChangingEventPortName:HostProcess-0a01b488-98b4-4e08-ac0c-856f7478b63e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ea91a275-5b5d-4c3d-bb9a-97d758bc6246 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3872 CREDAT:267521 /prefetch:2
"C:\WINDOWS\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3213485410-438365983-1047582419-100285_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3213485410-438365983-1047582419-100285 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3872 CREDAT:1447217 /prefetch:2
"C:\Users\Maarten\AppData\Local\Microsoft\Windows\INetCache\IE\B5O69487\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Maarten\AppData\Roaming\Mozilla\Firefox\Profiles\6tzobd51.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@dymo.com/DymoLabelFramework]
"Description"=DYMO Label Framework Plugin
"Path"=C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Maarten\AppData\Roaming\Mozilla\Firefox\Profiles\6tzobd51.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-14 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-14 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31 916320]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-01-13 2890056]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-18 13427784]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-03-08 1278024]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-10-03 457616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DYMOQuickPrint"=C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [2014-03-20 1867056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05 958576]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe [2011-07-13 293360]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2010-05-21 324976]
"CPMonitor"=C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe [2011-07-08 84464]
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe [2011-06-12 506352]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2012-09-25 1163264]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

C:\Users\Maarten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-15 19:31:16 ----D---- C:\rsit
2015-01-14 17:56:49 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-01-14 17:56:48 ----A---- C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 17:56:47 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2015-01-14 17:56:47 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-01-14 17:56:46 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2015-01-14 17:56:46 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-01-14 17:56:46 ----A---- C:\WINDOWS\system32\nlaapi.dll
2015-01-14 17:56:46 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\wermgr.exe
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\WerFault.exe
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\wer.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\Faultrep.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\EncDump.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\ci.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\AudioSes.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 17:56:45 ----A---- C:\WINDOWS\system32\audiodg.exe
2015-01-13 13:00:14 ----D---- C:\Program Files\Speccy
2015-01-04 16:00:14 ----D---- C:\Users\Maarten\AppData\Roaming\Apowersoft
2015-01-04 16:00:14 ----A---- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys
2015-01-03 01:18:15 ----D---- C:\ProgramData\YTD Video Downloader
2014-12-29 20:46:50 ----D---- C:\Users\Maarten\AppData\Roaming\DVD Flick
2014-12-29 20:44:55 ----D---- C:\Program Files (x86)\DVD Flick
2014-12-29 17:30:15 ----A---- C:\WINDOWS\SYSWOW64\ssubtmr6.dll

======List of files/folders modified in the last 1 month======

2015-01-15 19:31:24 ----D---- C:\Program Files\trend micro
2015-01-15 19:31:18 ----D---- C:\WINDOWS\Prefetch
2015-01-15 19:02:00 ----D---- C:\WINDOWS\system32\sru
2015-01-15 19:00:25 ----D---- C:\Users\Maarten\AppData\Roaming\vlc
2015-01-15 17:51:48 ----D---- C:\WINDOWS\Temp
2015-01-15 15:32:12 ----RD---- C:\WINDOWS\System32
2015-01-15 15:32:12 ----D---- C:\WINDOWS\Inf
2015-01-15 15:32:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-15 14:05:38 ----HD---- C:\Program Files\WindowsApps
2015-01-15 14:01:08 ----D---- C:\WINDOWS\AppReadiness
2015-01-15 13:55:49 ----D---- C:\WINDOWS\system32\MRT
2015-01-15 13:55:45 ----A---- C:\WINDOWS\system32\MRT.exe
2015-01-14 23:28:44 ----SHD---- C:\System Volume Information
2015-01-14 19:55:43 ----D---- C:\WINDOWS\system32\config
2015-01-14 19:45:16 ----D---- C:\WINDOWS\WinSxS
2015-01-14 19:44:31 ----D---- C:\WINDOWS\SysWOW64
2015-01-14 19:44:31 ----D---- C:\WINDOWS\system32\drivers
2015-01-14 19:44:31 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-01-14 17:56:29 ----D---- C:\Windows
2015-01-14 17:56:28 ----D---- C:\WINDOWS\CbsTemp
2015-01-13 21:02:59 ----D---- C:\WINDOWS\Microsoft.NET
2015-01-13 18:39:36 ----D---- C:\Program Files (x86)\Internet Explorer
2015-01-13 16:06:32 ----RD---- C:\Program Files (x86)
2015-01-13 16:04:48 ----D---- C:\Program Files\Elantech
2015-01-13 16:04:21 ----D---- C:\WINDOWS\system32\DriverStore
2015-01-13 16:04:21 ----D---- C:\WINDOWS\system32\catroot
2015-01-13 13:00:14 ----RD---- C:\Program Files
2015-01-10 03:46:38 ----D---- C:\Users\Maarten\AppData\Roaming\dvdcss
2015-01-08 17:15:29 ----D---- C:\Users\Maarten\AppData\Roaming\Telegram Desktop
2015-01-07 18:46:46 ----D---- C:\Users\Maarten\AppData\Roaming\Audacity
2015-01-07 01:00:12 ----D---- C:\WINDOWS\system32\FxsTmp
2015-01-06 01:08:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-01-04 16:00:19 ----RSD---- C:\WINDOWS\assembly
2015-01-03 14:54:35 ----D---- C:\WINDOWS\SoftwareDistribution
2015-01-03 01:18:15 ----HD---- C:\ProgramData
2015-01-03 01:10:09 ----D---- C:\Program Files (x86)\NCH Software
2015-01-03 01:10:08 ----D---- C:\Users\Maarten\AppData\Roaming\NCH Software
2015-01-03 01:10:08 ----A---- C:\Users\Maarten\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-01-03 01:10:08 ----A---- C:\Users\Maarten\AppData\Roaming\trace_FilterInstaller.txt
2015-01-03 01:04:30 ----DC---- C:\WINDOWS\Panther
2015-01-03 01:04:30 ----D---- C:\WINDOWS\debug
2014-12-30 00:22:41 ----D---- C:\WINDOWS\system32\NDF
2014-12-29 21:40:09 ----A---- C:\Users\Maarten\AppData\Roaming\trace_FilterInstaller.1.txt
2014-12-29 17:50:40 ----D---- C:\Users\Maarten\AppData\Roaming\Roxio
2014-12-29 17:43:26 ----SHD---- C:\WINDOWS\Installer
2014-12-29 17:43:26 ----HD---- C:\Config.Msi
2014-12-16 15:44:43 ----D---- C:\WINDOWS\system32\catroot2
2014-12-16 14:47:42 ----D---- C:\WINDOWS\twain_32
2014-12-16 09:45:10 ----SHD---- C:\$Recycle.Bin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-01-31 652784]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R0 PxHlpa64;PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2011-05-24 55952]
R0 Sahdad64;HDD Filter Driver; C:\WINDOWS\System32\Drivers\Sahdad64.sys [2011-02-09 27120]
R0 Saibad64;Volume Filter Driver; C:\WINDOWS\System32\Drivers\Saibad64.sys [2011-02-09 19952]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360x64\1506000.020\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360x64\1506000.020\SYMEFA64.SYS [2014-03-04 1148120]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [2015-01-06 1622744]
R1 ccSet_N360;N360 Settings Manager; C:\WINDOWS\system32\drivers\N360x64\1506000.020\ccSetx64.sys [2013-09-26 162392]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [2013-09-27 162392]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-11 487216]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150114.001\IDSvia64.sys [2015-01-14 668888]
R1 SaibVdAd64;Virtual Disk Driver; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [2011-02-09 27632]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360x64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [2014-02-18 593112]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem13.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys
[2013-01-25 179432] R3 BTATH_RCP;@oem17.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-01-25 136424] R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-09-24 81920] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 142640] R3 ETD;@oem1.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-01-13 370504] R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-03 4753336] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-19 3363016] R3 iwdbus;@oem43.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-09-19 27000] R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984] R3 LMDriver;@oem34.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-01-10 21360] R3 MEIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-23 64624] R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150114.038\ENG64.SYS [2014-12-09 129752] R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 
360\NortonData\21.1.0.18\Definitions\VirusDefs\20150114.038\EX64.SYS [2014-12-09 2137304] R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504] R3 RadioShim;@oem34.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-01-10 15704] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2014-09-24 167424] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-08-05 177752] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224] S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\N360x64\1506000.020\SymELAM.sys [2013-09-10 23568] S3 Apowersoft_AudioDevice;@oem45.inf,%DriverFile%;Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 31920] S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168] S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192] S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280] S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-09-24 1200640] S3 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [2012-05-26 168608] S3 dot4;@oem20.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-09-25 151968] S3 Dot4Print;@oem21.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-09-25 
27040] S3 dot4usb;@oem20.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-09-25 49056] S3 intaud_WaveExtensible;@oem42.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-09-19 38264] S3 IntcDAud;@oem36.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-03-27 442368] S3 RSPCIESTOR;@oem3.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2013-03-14 353864] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456] R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 BOT4Service;BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488] R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-27 2615368] R2 DymoPnpService;DYMO PnP Service; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2014-03-20 33072] R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-03 329104] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\DAL\jhi_service.exe [2013-01-30 167736] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-30 364856] R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-06-18 431656] R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [2014-09-21 265040] R2 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432] R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [2014-07-31 130104] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-08-29 920864] R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968] R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-03-15 662088] R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12 116648] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768] S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13 267440] S3 cphs;Intel(R) Content Protection HECI Service; 
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-03 279952] S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2013-05-01 470056] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12 116648] S3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2013-08-22 31552] S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408] S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-01-28 4230016] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 RoxMediaDB13;RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664] -----------------EOF-----------------