Logfile of random's system information tool 1.10 (written by random/random) Run by RON12 at 2015-08-11 17:49:10 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 138 GB (30%) free of 469 GB Total RAM: 4095 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:49:21, on 11-8-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17910) Boot mode: Normal Running processes: C:\Users\RON\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files\trend micro\RON12.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: SafeSearchBHO - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch.dll O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure Hoster (45123)] "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -app -hosterid:1 O4 - HKCU\..\Run: [uTorrent] C:\Users\RON\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'RON') O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [Spotify Web Helper] "C:\Users\RON\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" (User 'RON') O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'RON') O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart (User 'RON') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9983 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k utcsvc "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -hosterid:0 "C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe" "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" "C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe" "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE" /service /stopevent=720 /ipcexch=772 "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2024 "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE" "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe" 3 812 816 820 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7cec8f3a-9e4a-490b-9621-9cc8d00aee79 -SystemEventPortName:HostProcess-0b8f150e-741e-4848-8ab9-25e4b08ab5b4 -IoCancelEventPortName:HostProcess-2202aef4-038f-4c24-af28-f3bcfc682753 -NonStateChangingEventPortName:HostProcess-a17d0098-9365-4895-bda5-e8e519e0da5e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d27a0b4a-c7aa-4c18-a707-edade3b33265 -DeviceGroupId:WpdFsGroup oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0 "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Users\RON\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -app -hosterid:1 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Windows\system32\GWX\GWX.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe58_ Global\UsGthrCtrlFltPipeMssGthrPipe58 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Users\RON\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\Scheduled scanning task.job - C:\PROGRA~2\INTERN~2\apps\COMPUT~1\ANTI-V~1\fsav.exe /HARD /POLICY /SCHED /REPORT="C:\PROGRA~2\INTERN~2\apps\COMPUT~1\ANTI-V~1\report.txt" ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{690EF1CF-5775-4CB3-A5B8-85A63FD0262B}] F-Secure Search - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch64.dll [2014-06-23 506920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25 202080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{690EF1CF-5775-4CB3-A5B8-85A63FD0262B}] F-Secure Search - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch.dll [2014-06-23 367656] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18 256456] {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - F-Secure Search Toolbar - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch64.dll [2014-06-23 506920] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25 1496408] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18 194504] {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - F-Secure Search Toolbar - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch.dll [2014-06-23 367656] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Users\RON\AppData\Roaming\uTorrent\uTorrent.exe [2015-02-18 1742416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2010-02-05 128296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 2184520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-08-06 349480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2010-02-09 181480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-27 39408] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2010-02-05 128296] "F-Secure Manager"=C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE [2015-06-12 310312] "F-Secure Hoster (45123)"=C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe [2015-02-09 187432] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave4"=wdmaud.drv "mixer4"=wdmaud.drv "vidc.mjpg"=bdmjpeg64.dll "vidc.mpeg"=bdmpegv64.dll "msacm.bdmpeg"=bdmpega64.acm "wave5"=wdmaud.drv "mixer5"=wdmaud.drv "wave6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "mixer7"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2015-07-28 17:34:39 ----A---- C:\Windows\system32\invagent.dll 2015-07-28 17:34:39 ----A---- C:\Windows\system32\generaltel.dll 2015-07-28 17:34:39 ----A---- C:\Windows\system32\devinv.dll 2015-07-28 17:34:39 ----A---- C:\Windows\system32\appraiser.dll 2015-07-28 17:34:39 ----A---- C:\Windows\system32\aeinv.dll 2015-07-28 17:34:39 ----A---- C:\Windows\system32\acmigration.dll 2015-07-28 17:34:38 ----A---- C:\Windows\system32\CompatTelRunner.exe 2015-07-28 17:34:38 ----A---- C:\Windows\system32\aepdu.dll 2015-07-21 03:29:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2015-07-21 03:29:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2015-07-21 03:29:52 ----A---- C:\Windows\system32\lpk.dll 2015-07-21 03:29:52 ----A---- C:\Windows\system32\dciman32.dll 2015-07-21 03:29:52 ----A---- C:\Windows\system32\atmlib.dll 2015-07-21 03:29:52 ----A---- C:\Windows\system32\atmfd.dll 2015-07-21 03:29:51 ----A---- C:\Windows\SYSWOW64\lpk.dll 2015-07-21 03:29:51 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2015-07-21 03:29:51 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2015-07-21 03:29:51 ----A---- C:\Windows\system32\fontsub.dll 2015-07-15 03:52:11 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2015-07-15 03:52:10 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2015-07-15 03:52:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2015-07-15 03:52:10 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2015-07-15 03:52:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2015-07-15 03:52:10 ----A---- C:\Windows\system32\iernonce.dll 2015-07-15 03:52:10 ----A---- C:\Windows\system32\ieetwproxystub.dll 2015-07-15 03:52:10 ----A---- C:\Windows\system32\ieetwcollector.exe 2015-07-15 03:52:10 ----A---- C:\Windows\system32\ie4uinit.exe 2015-07-15 03:52:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-07-15 03:52:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-07-15 03:52:09 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2015-07-15 03:52:09 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2015-07-15 03:52:09 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 03:52:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2015-07-15 03:52:08 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2015-07-15 03:52:08 ----A---- C:\Windows\system32\iedkcs32.dll 2015-07-15 03:52:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2015-07-15 03:52:06 ----A---- C:\Windows\SYSWOW64\jscript.dll 2015-07-15 03:52:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2015-07-15 03:52:06 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2015-07-15 03:52:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 03:52:06 ----A---- C:\Windows\system32\msfeeds.dll 2015-07-15 03:52:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 03:52:06 ----A---- C:\Windows\system32\dxtrans.dll 2015-07-15 03:52:05 ----A---- C:\Windows\system32\iesetup.dll 2015-07-15 03:52:05 ----A---- C:\Windows\system32\ieapfltr.dll 2015-07-15 03:52:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2015-07-15 03:52:03 ----A---- C:\Windows\system32\vbscript.dll 2015-07-15 03:52:02 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-07-15 03:52:02 ----A---- C:\Windows\system32\jsproxy.dll 2015-07-15 03:52:02 ----A---- C:\Windows\system32\ieUnatt.exe 2015-07-15 03:52:01 ----A---- C:\Windows\SYSWOW64\msrating.dll 2015-07-15 03:52:01 ----A---- C:\Windows\system32\dxtmsft.dll 2015-07-15 03:52:00 ----A---- C:\Windows\system32\mshtmled.dll 2015-07-15 03:51:59 ----A---- C:\Windows\system32\mshtmlmedia.dll 2015-07-15 03:51:59 ----A---- C:\Windows\system32\jscript.dll 2015-07-15 03:51:57 ----A---- C:\Windows\system32\wininet.dll 2015-07-15 03:51:57 ----A---- C:\Windows\system32\msrating.dll 2015-07-15 03:51:57 ----A---- C:\Windows\system32\MshtmlDac.dll 2015-07-15 03:48:26 ----A---- C:\Windows\SYSWOW64\cewmdm.dll 2015-07-15 03:48:26 ----A---- C:\Windows\system32\cewmdm.dll 2015-07-15 03:48:19 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2015-07-15 03:48:19 ----A---- C:\Windows\SYSWOW64\wups.dll 2015-07-15 03:48:19 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2015-07-15 03:48:19 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2015-07-15 03:48:19 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2015-07-15 03:48:19 ----A---- C:\Windows\system32\wucltux.dll 2015-07-15 03:48:19 ----A---- C:\Windows\system32\wuauclt.exe 2015-07-15 03:48:19 ----A---- C:\Windows\system32\wuapp.exe 2015-07-15 03:48:19 ----A---- C:\Windows\system32\wuapi.dll 2015-07-15 03:48:19 ----A---- C:\Windows\system32\WinSetupUI.dll 2015-07-15 03:48:18 ----A---- C:\Windows\system32\wuwebv.dll 2015-07-15 03:48:18 ----A---- C:\Windows\system32\wups2.dll 2015-07-15 03:48:18 ----A---- C:\Windows\system32\wups.dll 2015-07-15 03:48:18 ----A---- C:\Windows\system32\wudriver.dll 2015-07-15 03:48:18 ----A---- C:\Windows\system32\wuaueng.dll 2015-07-15 03:48:18 ----A---- C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 03:48:08 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-07-15 03:48:08 ----A---- C:\Windows\system32\rdpcorets.dll 2015-07-15 03:48:06 ----A---- C:\Windows\system32\win32k.sys 2015-07-15 03:48:05 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2015-07-15 03:48:05 ----A---- C:\Windows\system32\gdi32.dll 2015-07-15 03:48:04 ----A---- C:\Windows\system32\jscript9diag.dll 2015-07-15 03:48:03 ----A---- C:\Windows\system32\jscript9.dll 2015-07-15 03:48:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-07-15 03:48:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-07-15 03:47:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-07-15 03:47:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-07-15 03:47:52 ----A---- C:\Windows\SYSWOW64\ieui.dll 2015-07-15 03:47:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-07-15 03:47:46 ----A---- C:\Windows\system32\urlmon.dll 2015-07-15 03:47:46 ----A---- C:\Windows\system32\ieui.dll 2015-07-15 03:47:46 ----A---- C:\Windows\system32\ieframe.dll 2015-07-15 03:47:45 ----A---- C:\Windows\system32\mshtml.dll 2015-07-15 03:47:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-07-15 03:47:43 ----A---- C:\Windows\system32\iertutil.dll 2015-07-15 03:46:21 ----A---- C:\Windows\SYSWOW64\ole32.dll 2015-07-15 03:46:21 ----A---- C:\Windows\system32\ole32.dll 2015-07-15 03:46:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2015-07-15 03:46:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2015-07-15 03:46:05 ----A---- C:\Windows\system32\cryptsvc.dll 2015-07-15 03:46:04 ----A---- C:\Windows\system32\crypt32.dll 2015-07-15 03:46:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2015-07-15 03:46:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2015-07-15 03:46:02 ----A---- C:\Windows\system32\wintrust.dll 2015-07-15 03:46:02 ----A---- C:\Windows\system32\cryptnet.dll 2015-07-15 03:45:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2015-07-15 03:45:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2015-07-15 03:45:24 ----A---- C:\Windows\system32\rpcrt4.dll 2015-07-15 03:45:24 ----A---- C:\Windows\system32\msv1_0.dll 2015-07-15 03:45:24 ----A---- C:\Windows\system32\kerberos.dll 2015-07-15 03:45:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\schannel.dll 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll 2015-07-15 03:45:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2015-07-15 03:45:23 ----A---- C:\Windows\system32\wdigest.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\TSpkg.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\sspisrv.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\sspicli.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\schannel.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\ncrypt.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\lsass.exe 2015-07-15 03:45:23 ----A---- C:\Windows\system32\lsasrv.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2015-07-15 03:45:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2015-07-15 03:45:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2015-07-15 03:45:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2015-07-15 03:45:23 ----A---- C:\Windows\system32\cryptbase.dll 2015-07-15 03:45:23 ----A---- C:\Windows\system32\auditpol.exe 2015-07-15 03:45:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2015-07-15 03:45:22 ----A---- C:\Windows\SYSWOW64\secur32.dll 2015-07-15 03:45:22 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2015-07-15 03:45:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2015-07-15 03:45:22 ----A---- C:\Windows\SYSWOW64\credssp.dll 2015-07-15 03:45:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2015-07-15 03:45:22 ----A---- C:\Windows\system32\secur32.dll 2015-07-15 03:45:22 ----A---- C:\Windows\system32\msobjs.dll 2015-07-15 03:45:22 ----A---- C:\Windows\system32\msaudite.dll 2015-07-15 03:45:22 ----A---- C:\Windows\system32\credssp.dll 2015-07-15 03:45:22 ----A---- C:\Windows\system32\adtschema.dll 2015-07-15 03:44:30 ----A---- C:\Windows\SYSWOW64\msi.dll 2015-07-15 03:44:30 ----A---- C:\Windows\system32\msi.dll 2015-07-15 03:44:30 ----A---- C:\Windows\system32\authui.dll 2015-07-15 03:44:29 ----A---- C:\Windows\SYSWOW64\msimsg.dll 2015-07-15 03:44:29 ----A---- C:\Windows\SYSWOW64\msihnd.dll 2015-07-15 03:44:29 ----A---- C:\Windows\SYSWOW64\msiexec.exe 2015-07-15 03:44:29 ----A---- C:\Windows\SYSWOW64\authui.dll 2015-07-15 03:44:29 ----A---- C:\Windows\system32\msimsg.dll 2015-07-15 03:44:29 ----A---- C:\Windows\system32\msihnd.dll 2015-07-15 03:44:29 ----A---- C:\Windows\system32\msiexec.exe 2015-07-15 03:44:29 ----A---- C:\Windows\system32\consent.exe 2015-07-15 03:44:29 ----A---- C:\Windows\system32\appinfo.dll ======List of files/folders modified in the last 1 month====== 2015-08-11 17:49:21 ----D---- C:\Windows\temp 2015-08-11 17:49:12 ----D---- C:\Program Files\trend micro 2015-08-11 15:54:59 ----D---- C:\Windows\system32\config 2015-08-11 14:54:57 ----D---- C:\Config.Msi 2015-08-11 14:52:53 ----SHD---- C:\Windows\Installer 2015-08-11 14:52:35 ----D---- C:\Windows\SysWOW64 2015-08-11 14:52:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2015-08-11 14:52:29 ----D---- C:\Windows\inf 2015-08-11 14:52:26 ----D---- C:\Windows\System32 2015-08-11 14:52:26 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-08-11 14:51:18 ----SHD---- C:\System Volume Information 2015-08-08 23:05:57 ----D---- C:\Windows\system32\NDF 2015-08-07 03:53:27 ----D---- C:\Windows\system32\catroot2 2015-08-01 15:39:28 ----HD---- C:\$Windows.~BT 2015-08-01 15:25:14 ----D---- C:\Windows\Panther 2015-08-01 14:23:28 ----D---- C:\Windows\Logs 2015-07-28 18:55:13 ----SD---- C:\Windows\system32\CompatTel 2015-07-28 17:30:40 ----D---- C:\Windows\winsxs 2015-07-28 17:30:14 ----D---- C:\Windows\SoftwareDistribution 2015-07-25 10:36:26 ----SD---- C:\Windows\system32\GWX 2015-07-23 14:56:29 ----D---- C:\TEMP 2015-07-23 13:43:42 ----D---- C:\Windows\system32\catroot 2015-07-23 13:34:15 ----D---- C:\Windows 2015-07-23 13:33:17 ----A---- C:\Windows\prodsett_copy.ini 2015-07-23 13:32:54 ----D---- C:\ProgramData\f-secure 2015-07-16 10:28:20 ----RD---- C:\Program Files (x86) 2015-07-16 10:28:16 ----D---- C:\Windows\Tasks 2015-07-16 07:18:42 ----SD---- C:\Windows\SYSWOW64\GWX 2015-07-15 18:13:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-07-15 05:57:08 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-07-15 05:57:08 ----D---- C:\Windows\system32\nl-NL 2015-07-15 05:57:08 ----D---- C:\Windows\PolicyDefinitions 2015-07-15 05:57:07 ----D---- C:\Windows\SYSWOW64\en-US 2015-07-15 05:57:07 ----D---- C:\Windows\system32\en-US 2015-07-15 05:57:07 ----D---- C:\Program Files\Internet Explorer 2015-07-15 05:57:07 ----D---- C:\Program Files (x86)\Internet Explorer 2015-07-15 05:57:03 ----D---- C:\Windows\system32\drivers 2015-07-15 05:57:02 ----D---- C:\Windows\system32\wbem 2015-07-15 05:57:02 ----D---- C:\Windows\system32\appraiser 2015-07-15 05:57:01 ----D---- C:\Windows\AppPatch 2015-07-15 04:13:44 ----D---- C:\ProgramData\Microsoft Help 2015-07-15 04:08:33 ----D---- C:\Windows\system32\MRT ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2015-07-23 55336] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2015-07-07 71080] R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2015-06-12 13352] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464] R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2012/04/26 17:18:11]; \??\C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2010-02-09 146928] R3 athr;Wireless PCI Adapter Driver Service; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-23 1579520] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504] R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2015-07-23 208424] R3 fsni;fsni; \??\C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Scanning\bin\fsni64.sys [2015-07-27 97832] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 31920] S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-04 114192] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n64.sys [2009-07-03 452128] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2014-09-11 9216] R2 fshoster;F-Secure Dll Hoster; C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe [2015-02-09 187432] R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe [2015-03-09 60456] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416] R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 FSMA;FSMA; C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE [2015-06-12 216104] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 150648] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736] S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S4 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496] S4 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840] S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104] S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-28 935208] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208] S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-02-16 247152] S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------