Logfile of random's system information tool 1.10 (written by random/random) Run by Hubert at 2015-04-26 10:15:59 Microsoft Windows 8.1 Pro System drive C: has 76 GB (44%) free of 171 GB Total RAM: 8091 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:16:02, on 26/04/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\Unchecky\bin\Unchecky_bg.exe C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Guard.exe C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files (x86)\ScanSoft\OmniPagePro12.0\opware12.exe C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe C:\Program Files (x86)\Generic\USB Card Reader Driver v2.3\FlashIcon.exe C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta Naslagbibliotheek Winkler Prins\EDICT.EXE C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe C:\Users\Hubert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe C:\Program Files (x86)\TechSmith\Snagit 9\TSCHelp.exe C:\Program Files (x86)\TechSmith\Snagit 9\SnagPriv.exe C:\Program Files (x86)\TechSmith\Snagit 9\snagiteditor.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\Microsoft Office 15\Root\Office15\ONENOTEM.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Hubert.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpage.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Opware12] "C:\Program Files (x86)\ScanSoft\OmniPagePro12.0\Opware12.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [BePCSC] C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe O4 - HKLM\..\Run: [FlashIcon] C:\Program Files (x86)\Generic\USB Card Reader Driver v2.3\FlashIcon.exe O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [Spotify Web Helper] "C:\Users\Hubert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'Default user') O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 2540 series.lnk = ? O4 - Startup: Outlook 2013.lnk = C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE O8 - Extra context menu item: Formulieren Invullen - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html O8 - Extra context menu item: Formulieren opslaan - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html O8 - Extra context menu item: Menu aanpassen - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files (x86)\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\DfSdkS64.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Ashampoo HDD Control 3 Service (HDDC3Service) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Service.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\WINDOWS\system32\IProsetMonitor.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: panda_url_filtering Service (panda_url_filtering) - Panda Security - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: SetupARService - Unknown owner - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18835 bytes ======Listing Processes====== wininit.exe winlogon.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe" "dwm.exe" "C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe" C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\igfxCUIService.exe C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" "C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe" "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service "C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Service.exe" dashost.exe {0bf665b9-bec1-4e22-a61e59cb286c4f77} "C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe" "C:\Program Files\Intel\iCLS Client\HeciServer.exe" C:\WINDOWS\system32\IProsetMonitor.exe "C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" "C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe" "C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe" "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe" -- "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" "C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe" C:\WINDOWS\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe" C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5e6d41a4-ddd5-4eed-a128-a3618e88deb8 -SystemEventPortName:HostProcess-9f7712be-be2b-4122-bed1-7c118ee3ff21 -IoCancelEventPortName:HostProcess-f61ac9c1-ca96-4189-8bd5-ccfb902334d0 -NonStateChangingEventPortName:HostProcess-f40e085d-0f4d-4099-94d9-46420e7fd715 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9431e0ec-d6df-4ac7-b318-623f2e32da5c -DeviceGroupId:WpdFsGroup C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\WINDOWS\Explorer.EXE "C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe" Service ClassicStartMenu.exe -startup igfxEM.exe igfxHK.exe igfxTray.exe "C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe" C:\WINDOWS\system32\SearchIndexer.exe /Embedding C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} C:\Windows\System32\skydrive.exe -Embedding "C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe" /HotCorners taskhostex.exe "C:\Program Files (x86)\Unchecky\bin\Unchecky_bg.exe" -start "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Logitech\LogiOptions\LogiOptions.exe" /noui "C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Guard.exe" -TRAY "C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" --background "C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe" "C:\WINDOWS\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN4BA5F92Z0604;CONNECTION=USB;MONITOR=1; "C:\Program Files (x86)\ScanSoft\OmniPagePro12.0\opware12.exe" "C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe" "C:\Program Files (x86)\Generic\USB Card Reader Driver v2.3\FlashIcon.exe" "C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" "C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta Naslagbibliotheek Winkler Prins\EDICT.EXE" -m "C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide "C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide "C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe" /RunCurUs "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe" "C:\Users\Hubert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray "C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe" C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe" "C:\Program Files (x86)\TechSmith\Snagit 9\TSCHelp.exe" "C:\Program Files (x86)\TechSmith\Snagit 9\SnagPriv.exe" "C:\Program Files (x86)\TechSmith\Snagit 9\snagiteditor.exe" /X C:\WINDOWS\splwow64.exe 12288 "C:\Program Files (x86)\Skype\Phone\Skype.exe" /tsr C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\WmiApSrv.exe "C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5960 CREDAT:267521 /prefetch:2 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5960 CREDAT:3282263 /prefetch:2 "F:\download internet\RSITx64.exe" ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\WINDOWS\tasks\ASC8_SkipUac_Hubert.job - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\WINDOWS\tasks\HP Photo Creations Communicator.job - C:\Users\Hubert\AppData\Roaming\HP Photo Creations\Communicator.exe --auto C:\WINDOWS\tasks\SpyHunter4.job - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe -scan C:\WINDOWS\tasks\{25B58333-ECCC-42B3-97EA-08A0547E10E8}.job - C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe {25B58333-ECCC-42B3-97EA-08A0547E10E8} =========Mozilla firefox========= ProfilePath - C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\r447g8gy.default prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=AV01" prefs.js - "keyword.URL" - "http://www.bing.com/search" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 17.0.0.169 Plugin "Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] "Description"=This plugin updates Intel WebAPI component "Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.72.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.72.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 17.0.0.169 Plugin "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\r447g8gy.default\extensions\ iobitascsurfingprotection@iobit.com C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\r447g8gy.default\searchplugins\ bing-avast.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}] SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-04-17 82248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-24 219296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18 796352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-03-30 22959184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-04 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-24 2334928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16 1154720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18 483520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}] SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-04-17 68936] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-04-24 153760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18 674496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-03-30 19766352] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-05 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-04 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-24 1729752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16 1432224] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-05 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18 437440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-03-30 22959184] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16 1154720] {553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18 796352] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-04 256456] {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-04-17 211272] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-03-30 19766352] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16 1432224] {553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18 674496] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-04 194504] {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10 115224] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 518960] "Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-01-18 161984] "CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-22 13874392] "LogiOptionsAppBroker"=C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2014-08-21 648984] "Ashampoo HDD Control 3 Guard"=C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Guard.exe [2014-11-17 3387240] "vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe [2013-05-17 10019328] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928] "RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-03-30 110160] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "Opware12"=C:\Program Files (x86)\ScanSoft\OmniPagePro12.0\Opware12.exe [2002-08-01 49152] "Adobe Photo Downloader"=C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdproxy.exe [2005-09-16 57344] "BePCSC"=C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe [2005-11-07 45129] "FlashIcon"=C:\Program Files (x86)\Generic\USB Card Reader Driver v2.3\FlashIcon.exe [2004-07-13 49152] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584] "AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1104496] "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048] "Spotify Web Helper"=C:\Users\Hubert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-07 1514040] "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-04-18 6398168] "PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056] C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Inktwaarschuwingen controleren - HP Deskjet 2540 series.lnk - C:\WINDOWS\system32\RunDll32.exe Outlook 2013.lnk - C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE Verzenden naar OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMPCHelper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tvnserver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLinkedConnections"=1 "SoftwareSASGeneration"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=91 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "VIDC.I420"=lvcod64.dll "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux3"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-04-26 08:28:14 ----A---- C:\WINDOWS\system32\drivers\PSKMAD.sys 2015-04-24 10:31:18 ----D---- C:\Program Files\Microsoft Office 15 2015-04-22 10:42:24 ----D---- C:\Program Files (x86)\ShowMyPCService 2015-04-22 10:26:13 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-04-22 10:09:21 ----A---- C:\WINDOWS\system32\drivers\TeeDriverx64.sys 2015-04-22 10:08:52 ----A---- C:\WINDOWS\system32\YamahaAE2.dll 2015-04-22 10:08:52 ----A---- C:\WINDOWS\system32\tossaemaxapo64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\SYSWOW64\SRCOM.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\SRRPTR64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\SRCOM64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\SRCOM.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\SRAPO64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\sltech64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\slprp64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\slcnt64.dll 2015-04-22 10:08:51 ----A---- C:\WINDOWS\system32\sl3apo64.dll 2015-04-22 10:08:50 ----A---- C:\WINDOWS\SYSWOW64\SECOMN32.DLL 2015-04-22 10:08:50 ----A---- C:\WINDOWS\system32\SEHDRA64.dll 2015-04-22 10:08:50 ----A---- C:\WINDOWS\system32\SECOMN64.dll 2015-04-22 10:08:50 ----A---- C:\WINDOWS\system32\SEAPO64.dll 2015-04-22 10:08:50 ----A---- C:\WINDOWS\system32\RtPgEx64.dll 2015-04-22 10:08:50 ----A---- C:\WINDOWS\system32\RtkApi64.dll 2015-04-22 10:08:50 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys 2015-04-22 10:08:49 ----A---- C:\WINDOWS\SYSWOW64\RltkAPO.dll 2015-04-22 10:08:49 ----A---- C:\WINDOWS\system32\RtDataProc64.dll 2015-04-22 10:08:49 ----A---- C:\WINDOWS\system32\RTCOM64.dll 2015-04-22 10:08:49 ----A---- C:\WINDOWS\system32\RltkAPO64.dll 2015-04-22 10:08:49 ----A---- C:\WINDOWS\system32\RCoRes64.dat 2015-04-22 10:08:49 ----A---- C:\WINDOWS\system32\RCoInstII64.dll 2015-04-22 10:08:49 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT 2015-04-22 10:08:48 ----A---- C:\WINDOWS\system32\NAHIMICV2apo.dll 2015-04-22 10:08:47 ----A---- C:\WINDOWS\system32\MaxxVoiceAPO4064.dll 2015-04-22 10:08:47 ----A---- C:\WINDOWS\system32\MaxxVoiceAPO3064.dll 2015-04-22 10:08:47 ----A---- C:\WINDOWS\system32\MaxxAudioAPO7064.dll 2015-04-22 10:08:46 ----A---- C:\WINDOWS\system32\MaxxAudioAPO6064.dll 2015-04-22 10:08:46 ----A---- C:\WINDOWS\system32\ICEsoundAPO64.dll 2015-04-22 10:08:45 ----A---- C:\WINDOWS\system32\FMAPO64.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPP64AF3.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPP64A.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPO64AF3.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPO64A.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPD64AF3.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPD64A.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPA64F3.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\DDPA64.dll 2015-04-22 10:08:44 ----A---- C:\WINDOWS\system32\CX64APO.dll 2015-04-22 10:08:34 ----D---- C:\Intel 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\IntelOpenCL32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\IntelCpHeciSvc.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\iglhsip32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\iglhcp32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igfxexps32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igfxcmrt32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igfxcmjit32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igfx11cmrt32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdusc32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdumdim32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdrcl32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdmd32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdfcl32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdde32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdbcl32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igdail32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\SYSWOW64\igd10iumd32.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiVAD64.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiUtils64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiUMS64.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiMux64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiMCUMD64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiLogServer64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelWiDiAAC64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\IntelOpenCL64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\iglhsip64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\iglhcp64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxTray.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxOSP.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxLHMLibv2_0.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxLHMLib.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxLHM.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxHK.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxext.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxexps.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxEMLibv2_0.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxEMLib.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxEM.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDTCM.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDILibv2_0.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDILib.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDI.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDHLibv2_0.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDHLib.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxDH.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxCUIServicePS.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxCUIService.exe 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxCoIn_v4176.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxcmrt64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfxcmjit64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igfx11cmrt64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdusc64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdumdim64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdrcl64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdmd64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdfcl64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdde64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdbcl64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igdail64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\igd10iumd64.dll 2015-04-22 10:08:19 ----A---- C:\WINDOWS\system32\drivers\igdkmd64.sys 2015-04-22 10:08:18 ----A---- C:\WINDOWS\SYSWOW64\ig7icd32.dll 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\ig7icd64.dll 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\Gfxv4_0.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\Gfxv2_0.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\GfxUIEx.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\DPTopologyAppv2_0.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\DPTopologyApp.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\difx64.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\CustomModeAppv2_0.exe 2015-04-22 10:08:18 ----A---- C:\WINDOWS\system32\CustomModeApp.exe 2015-04-19 11:53:26 ----D---- C:\ProgramData\HP Photo Creations 2015-04-19 11:53:26 ----D---- C:\Program Files (x86)\HP Photo Creations 2015-04-19 10:09:10 ----D---- C:\Users\Hubert\AppData\Roaming\RegistryKeys 2015-04-18 12:07:16 ----D---- C:\ProgramData\Unchecky 2015-04-18 12:07:14 ----D---- C:\Program Files (x86)\Unchecky 2015-04-17 11:56:49 ----D---- C:\Users\Hubert\AppData\Roaming\HP Photo Creations 2015-04-17 11:49:59 ----N---- C:\WINDOWS\system32\HPDiscoPMC211.dll 2015-04-14 10:18:30 ----D---- C:\Users\Hubert\AppData\Roaming\HpUpdate 2015-04-08 10:36:40 ----D---- C:\Program Files (x86)\Hewlett-Packard 2015-04-06 10:41:47 ----A---- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys 2015-04-06 10:41:47 ----A---- C:\WINDOWS\system32\drivers\VBoxDrv.sys 2015-04-06 10:36:17 ----DC---- C:\WINDOWS\system32\DRVSTORE 2015-03-31 15:56:17 ----D---- C:\AdwCleaner 2015-03-30 10:41:02 ----D---- C:\Program Files (x86)\Remo Outlook Backup & Migrate 2015-03-30 10:19:17 ----A---- C:\WINDOWS\SYSWOW64\pstscannerx32.dll 2015-03-30 10:19:15 ----A---- C:\WINDOWS\SYSWOW64\pstscanner32.dll 2015-03-30 10:19:14 ----A---- C:\WINDOWS\system32\pstscannerx64.dll 2015-03-30 10:19:14 ----A---- C:\WINDOWS\system32\pstscanner64.dll 2015-03-30 10:19:13 ----D---- C:\Program Files\PST Scanner 2015-03-30 09:30:24 ----A---- C:\WINDOWS\system32\vsmon1.dll 2015-03-30 09:30:17 ----D---- C:\Users\Hubert\AppData\Roaming\Expert PDF 9 2015-03-30 09:30:17 ----D---- C:\ProgramData\Avanquest 2015-03-30 09:30:17 ----D---- C:\Program Files\Avanquest 2015-03-29 12:36:34 ----D---- C:\ProgramData\panda_url_filtering 2015-03-29 12:36:33 ----D---- C:\ProgramData\Panda Security URL Filtering 2015-03-29 12:35:58 ----D---- C:\Program Files (x86)\pandasecuritytb 2015-03-29 12:35:48 ----D---- C:\Users\Hubert\AppData\Roaming\Panda Security 2015-03-29 12:35:41 ----D---- C:\Program Files (x86)\Panda Security 2015-03-29 12:27:58 ----D---- C:\ProgramData\Panda Security 2015-03-29 12:21:08 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft 2015-03-29 12:16:47 ----D---- C:\Program Files (x86)\CoolUtils Outlook Viewer 2015-03-28 13:27:45 ----D---- C:\Users\Hubert\AppData\Roaming\{248F1BE4-252B-4B1E-9BD2-7D0DF3818792} 2015-03-28 13:21:55 ----D---- C:\Program Files (x86)\trend micro 2015-03-28 10:05:57 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys ======List of files/folders modified in the last 1 month====== 2015-04-26 10:16:01 ----D---- C:\Program Files\trend micro 2015-04-26 10:05:59 ----D---- C:\WINDOWS\Temp 2015-04-26 10:05:53 ----D---- C:\WINDOWS\Prefetch 2015-04-26 10:05:50 ----D---- C:\Windows 2015-04-26 10:00:00 ----D---- C:\WINDOWS\system32\sru 2015-04-26 09:52:58 ----D---- C:\Users\Hubert\AppData\Roaming\Skype 2015-04-26 09:51:47 ----D---- C:\WINDOWS\system32\catroot2 2015-04-26 09:26:00 ----SHD---- C:\WINDOWS\Installer 2015-04-26 09:25:58 ----RD---- C:\Program Files (x86)\Skype 2015-04-26 09:25:57 ----D---- C:\ProgramData\Skype 2015-04-26 08:54:34 ----SHD---- C:\System Volume Information 2015-04-26 08:45:23 ----D---- C:\WINDOWS\Microsoft.NET 2015-04-26 08:34:24 ----D---- C:\WINDOWS\System32 2015-04-26 08:34:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-26 08:28:14 ----D---- C:\WINDOWS\system32\drivers 2015-04-26 08:28:07 ----D---- C:\WINDOWS\debug 2015-04-25 12:07:31 ----D---- C:\WINDOWS\SoftwareDistribution 2015-04-25 11:53:30 ----D---- C:\WINDOWS\Inf 2015-04-25 11:45:08 ----RSD---- C:\WINDOWS\assembly 2015-04-25 10:25:16 ----D---- C:\ProgramData\ProductData 2015-04-24 10:46:15 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2015-04-24 10:46:13 ----D---- C:\ProgramData\Microsoft Help 2015-04-24 10:35:32 ----D---- C:\Program Files (x86)\Microsoft Office 2015-04-24 10:31:18 ----D---- C:\Program Files 2015-04-23 16:24:41 ----HD---- C:\Program Files\WindowsApps 2015-04-23 16:24:41 ----D---- C:\WINDOWS\AppReadiness 2015-04-22 10:52:41 ----D---- C:\WINDOWS\Logs 2015-04-22 10:42:24 ----RD---- C:\Program Files (x86) 2015-04-22 10:25:30 ----D---- C:\WINDOWS\SysWOW64 2015-04-22 10:23:47 ----D---- C:\WINDOWS\system32\catroot 2015-04-22 10:09:35 ----D---- C:\WINDOWS\system32\DriverStore 2015-04-22 10:09:04 ----D---- C:\WINDOWS\LastGood 2015-04-22 10:09:02 ----D---- C:\WINDOWS\SYSWOW64\RTCOM 2015-04-22 10:01:00 ----D---- C:\WINDOWS\system32\Tasks 2015-04-21 11:51:32 ----D---- C:\Users\Hubert\AppData\Roaming\Audacity 2015-04-21 10:43:37 ----SD---- C:\ProgramData\Microsoft 2015-04-21 09:56:26 ----D---- C:\Users\Hubert\AppData\Roaming\ClassicShell 2015-04-20 11:08:46 ----AD---- C:\ProgramData\TEMP 2015-04-19 11:53:26 ----HD---- C:\ProgramData 2015-04-18 11:38:59 ----D---- C:\WINDOWS\Tasks 2015-04-18 11:38:58 ----D---- C:\Program Files (x86)\Common Files 2015-04-18 11:31:32 ----D---- C:\Program Files\Recuva 2015-04-17 11:56:58 ----D---- C:\Users\Hubert\AppData\Roaming\Visan 2015-04-17 11:49:28 ----D---- C:\WINDOWS\twain_32 2015-04-17 11:49:28 ----D---- C:\Program Files (x86)\HP 2015-04-17 11:32:17 ----D---- C:\ProgramData\HP 2015-04-16 17:03:57 ----D---- C:\ProgramData\ClassicShell 2015-04-15 11:31:29 ----D---- C:\WINDOWS\system32\MRT 2015-04-15 11:28:55 ----A---- C:\WINDOWS\system32\MRT.exe 2015-04-15 11:27:55 ----A---- C:\WINDOWS\win.ini 2015-04-14 10:59:17 ----RSD---- C:\WINDOWS\Fonts 2015-04-11 11:28:57 ----D---- C:\WINDOWS\system32\NDF 2015-04-08 10:35:52 ----D---- C:\Program Files\HP 2015-04-05 11:12:44 ----D---- C:\Users\Hubert\AppData\Roaming\Replay Video Capture 7 2015-03-30 12:33:30 ----D---- C:\Program Files (x86)\IObit 2015-03-30 12:10:56 ----D---- C:\Users\Hubert\AppData\Roaming\IObit 2015-03-30 12:01:25 ----D---- C:\ProgramData\IObit 2015-03-29 12:23:37 ----D---- C:\ProgramData\AVAST Software 2015-03-28 11:48:14 ----D---- C:\Users\Hubert\AppData\Roaming\Spotify 2015-03-27 17:29:14 ----D---- C:\Program Files\Speccy 2015-03-27 17:25:13 ----D---- C:\Program Files\CCleaner ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2014-07-14 108832] R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2014-10-28 21184] R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2014-07-14 233760] R0 tib;Acronis TIB Manager; C:\WINDOWS\system32\DRIVERS\tib.sys [2014-07-14 1120032] R0 tib_mounter;Acronis TIB Mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [2014-07-14 183224] R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-14 26528] R1 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [2014-11-21 93400] R1 NNSALPC;NNSAlpc; C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968] R1 NNSHTTP;NNSHttp; C:\WINDOWS\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000] R1 NNSHTTPS;NNSHttps; C:\WINDOWS\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864] R1 NNSIDS;NNSids; C:\WINDOWS\system32\DRIVERS\NNSIds.sys [2015-02-09 116496] R1 NNSNAHSL;@oem9.inf,%NNSNAHSL_Desc%;Network Activity Hook Server LightWeight Filter Driver; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 49936] R1 NNSPICC;NNSPicc; C:\WINDOWS\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600] R1 NNSPIHSW;NNSPihsw; C:\WINDOWS\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904] R1 NNSPOP3;NNSPop3; C:\WINDOWS\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176] R1 NNSPROT;NNSProt; C:\WINDOWS\system32\DRIVERS\NNSProt.sys [2015-02-09 299792] R1 NNSPRV;NNSPrv; C:\WINDOWS\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160] R1 NNSSMTP;NNSSmtp; C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424] R1 NNSSTRM;NNSStrm; C:\WINDOWS\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296] R1 NNSTLSC;NNSTlsc; C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256] R1 PSINKNC;PSINKnc; C:\WINDOWS\system32\DRIVERS\psinknc.sys [2015-02-25 197392] R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2012-09-20 258848] R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2014-05-05 231376] R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088] R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2015-02-25 121616] R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2015-02-25 124176] R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2015-02-25 133904] R2 PSINReg;PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [2015-02-25 107792] R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2013-04-18 11576] R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2014-07-14 367200] R3 athur;@oem17.inf,%ATHR.Service.DispName%;Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athurx.sys [2010-01-05 1847296] R3 e1cexpress;@oem77.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c64x64.sys [2014-12-28 468752] R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-09-09 15920] R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-04-22 3787704] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-04-22 4425816] R3 IntcDAud;@oem62.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-11-05 454416] R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-11-04 27032] R3 LVRS64;@oem63.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-10-26 351520] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-11-21 25816] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-04-26 129752] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-11-21 64216] R3 MEIx64;@oem44.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2015-04-22 129312] R3 panda_url_filteringd;panda_url_filteringd driver; \??\C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [2014-03-19 51288] R3 PSKMAD;PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712] R3 SBFWIMCLMP;@oem39.inf,%SBFWIMCLMP_Desc%;GFI Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\SBFWIM.sys [2012-09-12 120064] R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776] S0 ifubqt;ifubqt; C:\WINDOWS\System32\drivers\aaaskc.sys [] S3 ACSSCR;@oem37.inf,%ACS.ACR38.DevDesc%;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2013-11-07 62592] S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Stuurprogramma I voor Intel(R) PRO/1000 PCI Express-netwerkverbinding; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288] S3 EfiInvoker;Efi Invoker Service; \??\C:\Windows\SysWOW64\Drivers\invoker64.sys [2013-12-04 13080] S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-11-04 38296] S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848] S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800] S3 RtlWlanu;@netrtwlanu.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek draadloze LAN 802.11n USB 2.0-netwerkadapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2013-07-31 1975000] S3 SBFWIMCL;@oem38.inf,%SBFWIMCLService_Desc%;GFI Software Firewall NDIS IM Filter Service; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2012-09-12 120064] S3 sbhips;sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [2012-09-20 61216] S3 sbwtis;sbwtis; C:\WINDOWS\system32\DRIVERS\sbwtis.sys [2012-09-20 86816] S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2014-07-14 1462560] S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048] S4 RsFx0105;RsFx0105 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144144] R2 AdobeActiveFileMonitor4.0;Adobe Active File Monitor V4; C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [2005-10-03 102400] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392] R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-07-14 3791864] R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-03-18 2719928] R2 HDDC3Service;Ashampoo HDD Control 3 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\HDDC3Service.exe [2014-11-17 322920] R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840] R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-04-22 319080] R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160] R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2013-11-01 241416] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-29 154584] R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-29 398296] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2014-07-12 58387104] R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208] R2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2014-09-19 296760] R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808] R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928] R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2015-03-28 1026432] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984] R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2015-01-05 1056544] R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-03-26 7090600] R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [2013-12-16 247968] R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [2013-12-16 193696] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-23 116648] S2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768] S2 SetupARService;SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [2014-07-15 10752] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464] S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-04-22 280680] S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3\DfSdkS64.exe [2009-08-24 544768] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-23 116648] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-23 194032] S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752] S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-04-11 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-03-31 150600] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2014-07-12 441504] S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336] -----------------EOF-----------------