Logfile of random's system information tool 1.10 (written by random/random) Run by Pïerre at 2015-07-14 18:39:24 Microsoft Windows 8.1 System drive C: has 162 GB (68%) free of 238 GB Total RAM: 16327 MB (89% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:39:28, on 14/07/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17840) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\VIA_XHCI\usb3Monitor.exe C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Pïerre.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1436890039 O4 - Global Startup: Killer Network Manager.lnk = ? O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\BricsCAD V13\BrxProtIE.dll O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10699 bytes ======Listing Processes====== wininit.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "C:\Windows\system32\nvvsvc.exe" "dwm.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\System32\spoolsv.exe taskhostex.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service C:\Windows\System32\svchost.exe -k utcsvc dashost.exe {b76708d5-d419-4369-aa144755ed214f1f} "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" "C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 473b75e4-e6ce-4674-b00e-3fe4bf96bed5 1 "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe 0x4 \??\C:\Windows\system32\conhost.exe 0x4 "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2c46ed17-629a-473e-b504-7c3aefacb534 -SystemEventPortName:HostProcess-457371d8-9763-4bd4-91af-9a6d1c8dec1f -IoCancelEventPortName:HostProcess-aeebd8ef-a4e9-4873-87bc-aca6ff18e4fc -NonStateChangingEventPortName:HostProcess-fba07be1-48b3-4d38-a8a5-7801839e49eb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a51fe9ad-dcec-44c6-ad7b-c1375c6a5e69 -DeviceGroupId:WpdFsGroup ngservice.exe pipeserver "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 "C:\VIA_XHCI\usb3Monitor.exe" "C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe" -minimize "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r "C:\Windows\system32\GWX\GWX.exe" "C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" taskhost.exe $(Arg0) "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1432577679&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1043&id=64855&mkt=nl-nl&cbcxt=mai "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6084.0.1903480778\1935440149" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44,53 --gpu-vendor-id=0x10de --gpu-device-id=0x1380 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5012 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_81/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6084 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6084.1.326002754\1869052863" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6084.4.1353393631\2061369990" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568 "C:\Users\Pïerre\Downloads\RSITx64.exe" ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1EF09B1C-018B-48E2-A8D4-9A1BF085395B}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19 219304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15 551848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-17 662672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28 2334936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15 212904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-17 565304] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15 172968] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-12-06 7506136] "MBCfg64"=C:\Windows\system32\MBCfg64.dll [2013-08-29 40576] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-04-09 2673296] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-04-09 1570672] "VIAxHCUtl"=C:\VIA_XHCI\usb3Monitor.exe [2012-07-04 331776] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392] "Corel Update Helper"=c:\Program Files\Corel\Corel PaintShop Pro X7 (64-bit)\pua.exe [2015-05-19 2004312] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeBridge"= [] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Adobe Speed Launcher"=1436890039 [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Sound Blaster Cinema"=C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [2013-08-16 711680] "UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112] "Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-11-12 1047536] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-03 1021128] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-11 5515496] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312] "Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-10-31 2072928] "Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Killer Network Manager.lnk - C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "SoftwareSASGeneration"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] ""= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.yuy2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "vidc.yvyu"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "vidc.uyvy"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - C:\Windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 month====== 2015-07-14 18:39:24 ----D---- C:\rsit 2015-07-13 23:58:26 ----D---- C:\Program Files (x86)\ESET 2015-06-30 00:44:37 ----D---- C:\ProgramData\Trymedia 2015-06-25 01:25:04 ----A---- C:\Windows\ntbtlog.txt 2015-06-25 01:21:41 ----D---- C:\zoek_backup 2015-06-25 01:16:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2015-06-25 01:16:27 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-06-25 01:03:16 ----D---- C:\ProgramData\4e15dd4500005979 2015-06-25 00:52:39 ----D---- C:\Users\Pïerre\AppData\Roaming\LightningDownloader 2015-06-25 00:50:57 ----D---- C:\Program Files (x86)\Highlight to Search 2015-06-25 00:50:27 ----D---- C:\Program Files (x86)\CutThePriiCE 2015-06-25 00:49:17 ----D---- C:\ProgramData\{88a8caa9-2779-5be2-88a8-8caa92772aa4} ======List of files/folders modified in the last 1 month====== 2015-07-14 18:39:28 ----D---- C:\Program Files\trend micro 2015-07-14 18:22:01 ----D---- C:\Windows\Temp 2015-07-14 18:13:58 ----RD---- C:\Windows\System32 2015-07-14 18:13:58 ----D---- C:\Windows\Inf 2015-07-14 18:13:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-07-14 18:07:00 ----D---- C:\ProgramData\NVIDIA 2015-07-14 13:26:03 ----HD---- C:\Program Files\WindowsApps 2015-07-14 09:57:20 ----D---- C:\Windows\AppReadiness 2015-07-14 09:43:07 ----D---- C:\Windows\system32\config 2015-07-14 09:39:29 ----D---- C:\Windows\Prefetch 2015-07-14 09:37:53 ----D---- C:\Windows\Microsoft.NET 2015-07-13 23:58:26 ----RD---- C:\Program Files (x86) 2015-07-11 14:59:16 ----D---- C:\Windows\system32\catroot2 2015-07-09 10:46:14 ----D---- C:\Windows\WinSxS 2015-07-09 10:46:14 ----D---- C:\Windows\SysWOW64 2015-07-09 10:46:14 ----D---- C:\Windows\CbsTemp 2015-07-09 10:46:10 ----SHD---- C:\System Volume Information 2015-07-06 23:24:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-06-30 00:44:37 ----HD---- C:\ProgramData 2015-06-27 06:50:50 ----D---- C:\Windows\system32\drivers 2015-06-25 07:05:49 ----D---- C:\Windows\debug 2015-06-25 01:50:27 ----D---- C:\Windows\system32\NDF 2015-06-25 01:25:07 ----D---- C:\Windows 2015-06-25 01:25:03 ----D---- C:\Windows\SoftwareDistribution 2015-06-25 01:16:29 ----D---- C:\Users\Pïerre\AppData\Roaming\Malwarebytes 2015-06-25 01:16:28 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2015-06-25 01:06:29 ----D---- C:\Users\Pïerre\AppData\Roaming\uTorrent 2015-06-25 00:55:41 ----D---- C:\Windows\Tasks 2015-06-25 00:55:41 ----D---- C:\Windows\system32\Tasks 2015-06-25 00:52:54 ----SD---- C:\Users\Pïerre\AppData\Roaming\Microsoft 2015-06-25 00:50:57 ----D---- C:\ProgramData\14900317688443960907 2015-06-24 06:41:30 ----SHD---- C:\Windows\Installer 2015-06-24 06:41:14 ----RSD---- C:\Windows\assembly 2015-06-24 06:41:12 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2015-06-24 06:40:38 ----D---- C:\Program Files\Microsoft Office 15 2015-06-23 20:40:13 ----D---- C:\Program Files (x86)\Corel 2015-06-21 09:08:50 ----D---- C:\Windows\system32\sru 2015-06-17 07:21:28 ----D---- C:\Windows\system32\DriverStore ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 asstor64;asstor64; C:\Windows\System32\drivers\asstor64.sys [2013-11-25 82232] R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-02 65736] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-02 272248] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-02 93528] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-02 1047320] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-26 442264] R1 BfLwf;@oem6.inf,%BfLwf_Desc%;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bwcW8x64.sys [2013-11-08 80592] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2015-01-15 71680] R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-02 29168] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-02 89944] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-02 137288] R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-05-02 273824] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-10 3771352] R3 Ke2200;@oem5.inf,%L1C.Service.DispName%;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\e22w8x64.sys [2013-03-20 163536] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816] R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344] R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288] R3 NVHDA;@oem18.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-20 195728] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-04-09 10423952] R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-04-09 19600] R3 nvvad_WaveExtensible;@oem20.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-09 38032] R3 NVVADARM;@oem16.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\Windows\system32\drivers\nvvadarm.sys [2015-04-09 39056] R3 VUSB3HUB;@oem21.inf,%VUSB3HUB.SVCDESC%;VIA USB 3 Root Hub Service; C:\Windows\System32\drivers\ViaHub3.sys [2012-07-04 204800] S3 A38CCID;@oem30.inf,%ACS.ACSCCID.DevDesc%;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2014-11-13 62976] S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 64216] S3 netr7364;@netr7364.inf,%General.Service.DispName%;Stuurprogramma voor RT73 USB Extensible draadloze LAN-kaart; C:\Windows\system32\DRIVERS\netr7364.sys [2013-06-18 729152] S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544] S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2013-08-22 78848] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088] R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-02 343336] R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-05-19 2739888] R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792] R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-04-09 1152144] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616] R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-09-09 161776] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-04-09 1878672] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-04-09 22995600] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264] R2 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2014-03-27 581568] R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 277360] R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776] R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-01-22 344576] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-04-08 410952] R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-03-30 5448464] R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-05-02 4034896] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [] S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120] S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-05-11 1432400] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-21 43696] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [] S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-03-31 150600] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] -----------------EOF-----------------