dion

Member
  • Items

    4
  • Joined

  • Last visited

dion's achievements

  1. Logfile of random's system information tool 1.10 (written by random/random) Run by administraaror at 2014-08-20 09:51:23 Microsoft Windows 8 Pro System drive C: has 78 GB (47%) free of 165 GB Total RAM: 3054 MB (38% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:51:25, on 20-8-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.17028) Boot mode: Normal Running processes: C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2014\WebProxy.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\ZooToolbar\WBrokerSockets.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\administraaror.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Max Start Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9 R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1389673782&from=tugs&uid=WDCXWD2500JS-60NCB1_WD-WCANK882271822718&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1389673782&from=tugs&uid=WDCXWD2500JS-60NCB1_WD-WCANK882271822718&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Speedial Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL (file missing) O2 - BHO: Speed Test 127 - {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - (no file) O2 - BHO: Bizzybolt - 
{13070af0-bc6c-4185-8baa-40a4cf05b323} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: ToolbarBHO Class - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (file missing) O2 - BHO: Free Games 111 - {C45EC9F0-8333-465D-9728-074BD41985C9} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (file missing) O3 - Toolbar: RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (file missing) O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (file missing) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [AppSafe] C:\Program Files (x86)\AppSafe\AppSafe.exe O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] C:\Windows\system32\cmd.exe /q /c rmdir /s 
/q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1" O4 - HKCU\..\RunOnce: [uninstall 
C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512" O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O4 - Global Startup: McAfee 
Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Panda Software Controller - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16713 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe" "dwm.exe" "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs "C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2014\WebProxy.exe" oso_XGCGLR C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe" "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe" "C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe" "C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe" C:\Windows\system32\svchost.exe -k imgsvc taskeng.exe {2C29CC21-0A4A-4D1C-9F34-720DC1978218} taskhostex.exe C:\Windows\Explorer.EXE "C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe" taskeng.exe {0C1FDE4F-DADE-4490-BB7D-ACA0C12D9FA2} "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c "C:\Program Files (x86)\ZooToolbar\WBrokerSockets.exe" "C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe" C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe" "C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /loaddll C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\MyPC Backup\BackupStack.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\wdi.dll",WdipLaunchRunDLLUserHost "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.9.423997198\1349633372" /prefetch:673131151 "C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.11.1351528242\2027297398" /prefetch:673131151 C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with 
Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.22.1523460462\716791833" /prefetch:673131151 C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="864.29.1407125218\646690164" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\administraaror\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0" --gpu-driver-bug-workarounds=0,1,14,27,29,33 --gpu-vendor-id=0x10de --gpu-device-id=0x0640 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with 
Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.31.1909630484\648216260" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch 
--renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.34.202382525\1641566201" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.42.1113516226\1791159721" /prefetch:673131151 "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="864.46.273001403\1703936151" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Users\administraaror\Desktop\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AppCloudUpdater.job - C:\Users\ADMINI~1\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE /Check 
C:\Windows\tasks\AppSafe.job - C:\Program Files (x86)\AppSafe\AppSafe.exe -scan C:\Windows\tasks\Digital Sites.job - C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\DriverDoc_UPDATES.job - C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe -updatecheck C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun C:\Windows\tasks\FoxTab.job - C:\Users\ADMINI~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\Norton Security Scan for administraaror.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled C:\Windows\tasks\Tuneup Pro_DEFAULT.job - C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe -default C:\Windows\tasks\Tuneup Pro_UPDATES.job - C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe -updatecheck ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}] Speed Test 127 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-04 537576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9}] Free Games 111 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-04 193512] 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}] IEPlugin Class - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}] Speed Test 127 [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13070af0-bc6c-4185-8baa-40a4cf05b323}] Bizzybolt [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9519AF7E-638D-4933-BAD6-D33D23C79FE5}] ToolbarBHO Class - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9}] Free Games 111 [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] mysearchdial Helper Object - C:\Program Files 
(x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {F301665A-12F8-4331-804A-5BCBD379668C} - RAW Thumbnail Viewer - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll [] {3004627E-F8E9-4E8B-909D-316753CBA923} - mysearchdial Toolbar - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll [] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008] "PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-21 1797064] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AppSafe"=C:\Program Files (x86)\AppSafe\AppSafe.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall 
C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"=C:\Windows\system32\cmd.exe [2012-07-26 404992] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APVXDWIN"=C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE [2013-09-30 1062880] "SCANINICIO"=C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe [2013-09-30 71648] "iTunesHelper"=C:\Program 
Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\administraaror\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr] C:\Windows\system32\avldr64.dll [2010-03-24 64768] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe] "Debugger=" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi1"=wdmaud.drv "mixer3"=wdmaud.drv "aux1"=wdmaud.drv "wave4"=wdmaud.drv "midi2"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - 
C:\PROGRA~2\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* .vbs - open - C:\PROGRA~2\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %*
======List of files/folders created in the last 3 months======
======List of files/folders modified in the last 3 months======
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 pavboot;Panda boot driver; C:\Windows\system32\Drivers\pavboot64.sys [2010-06-22 30792] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-07-27 486192] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528] R1 ShldFlt;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShldFlt.sys [2009-10-27 48136] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000] R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm6460.sys [2012-03-26 71432] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144] R3 AN983X64;@oem5.inf,%ADM9X64.Service.DispName%;Infineon AN983B PCI Fast Ethernet Adapter for Windows X64; C:\Windows\system32\DRIVERS\AN983X64.sys [2005-05-19 48128] R3 e1express;@nete1e3e.inf,%E1Express.Service.DispName%;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032e.sys [2012-06-02 300544] R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 
nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-03-21 12708128] R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\syswow64\PavTPK.sys [] R3 RimVSerPort;@oem21.inf,%RimVSerPort%;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2012-07-26 11776] R3 stdriver;SoundTap Filter Driver v6.07.00; C:\Windows\system32\DRIVERS\stdriverx64.sys [2014-05-16 33488] R3 VCSVADHWSer;@oem19.inf,%DeviceName% (WDM);Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504] R3 voxaldriver;Voxal Filter Driver 2.12.01; C:\Windows\system32\DRIVERS\voxaldriverx64.sys [2014-05-16 34512] S3 61883;@61883.inf,%61883_Unit.ServiceDesc%;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys [2012-07-26 61440] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-03 19968] S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712] S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040] S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752] S3 netr7364;@netr7364.inf,%General.Service.DispName%;Stuurprogramma voor RT73 USB Extensible draadloze LAN-kaart; C:\Windows\system32\DRIVERS\netr7364.sys [2012-06-02 729152] S3 PAC207;@oem7.inf,%str_Description%;PC Camer@; C:\Windows\system32\DRIVERS\PFC027.SYS [2008-02-13 686592] S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672] S3 
ScreamBAudioSvc;@oem14.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992] S3 scvad_simple;@oem12.inf,%scvad_simple.SvcDesc%;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-04-24 23552] S3 SNP2STD;@oem24.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [] S3 splitcam_hd_driver;@oem11.inf,%splitcam_hd_driver.DeviceDesc%;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-07-12 37496] S3 USBAAPL64;@oem22.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784] S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-02 43008] S4 ManyCam;@oem15.inf,%ManyCam.DeviceDesc%;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 52128] S4 mcaudrv_simple;@oem16.inf,%mcaudrv_simple.SvcDesc%;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-07-22 36424] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144] R2 nvsvc;NVIDIA Display Driver Service; 
C:\Windows\system32\nvvsvc.exe [2014-03-04 922968] R2 Panda Software Controller;Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe [2012-11-19 177440] R2 PAVFNSVR;Panda Function Service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe [2012-09-21 202016] R2 PavPrSrv;Panda Process Protection Service; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768] R2 PskSvcRetail;Panda PSK service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe [2010-08-16 28992] R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2013-04-25 75584] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936] R2 TPSrv;Panda TPSrv; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe [2012-11-16 173344] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 116648] S2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe [2011-04-13 313664] S2 PSIMSVC;Panda IManager Service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsImSvc.exe [2008-06-19 108288] S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-24 262320] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
[2013-11-01 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] -----------------EOF-----------------
  2. Logfile of random's system information tool 1.10 (written by random/random) Run by administraaror at 2014-08-20 09:34:37 Microsoft Windows 8 Pro System drive C: has 78 GB (47%) free of 165 GB Total RAM: 3054 MB (38% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:34:39, on 20-8-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.17028) Boot mode: Normal Running processes: C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2014\WebProxy.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\ZooToolbar\WBrokerSockets.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\administraaror.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Max Start Search R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1389673782&from=tugs&uid=WDCXWD2500JS-60NCB1_WD-WCANK882271822718&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1389673782&from=tugs&uid=WDCXWD2500JS-60NCB1_WD-WCANK882271822718&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Speedial Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL (file missing) O2 - 
BHO: Speed Test 127 - {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - (no file) O2 - BHO: Bizzybolt - {13070af0-bc6c-4185-8baa-40a4cf05b323} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: ToolbarBHO Class - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (file missing) O2 - BHO: Free Games 111 - {C45EC9F0-8333-465D-9728-074BD41985C9} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (file missing) O3 - Toolbar: RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (file missing) O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (file missing) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [AppSafe] C:\Program Files (x86)\AppSafe\AppSafe.exe O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" O4 - HKCU\..\RunOnce: [uninstall 
C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q 
"C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512" O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O4 - 
Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Panda Software Controller - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16835 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe" "dwm.exe" "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs "C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2014\WebProxy.exe" oso_XGCGLR C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe" "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe" "C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe" "C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe" C:\Windows\system32\svchost.exe -k imgsvc taskeng.exe {2C29CC21-0A4A-4D1C-9F34-720DC1978218} taskhostex.exe C:\Windows\Explorer.EXE "C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe" taskeng.exe {0C1FDE4F-DADE-4490-BB7D-ACA0C12D9FA2} "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c "C:\Program Files (x86)\ZooToolbar\WBrokerSockets.exe" "C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe" C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe" "C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /loaddll C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\MyPC Backup\BackupStack.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\wdi.dll",WdipLaunchRunDLLUserHost "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.9.423997198\1349633372" /prefetch:673131151 "C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.11.1351528242\2027297398" /prefetch:673131151 C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with 
Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.22.1523460462\716791833" /prefetch:673131151 C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="864.29.1407125218\646690164" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\administraaror\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0" --gpu-driver-bug-workarounds=0,1,14,27,29,33 --gpu-vendor-id=0x10de --gpu-device-id=0x0640 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with 
Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.31.1909630484\648216260" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch 
--renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="864.44.415020637\633102227" /prefetch:673131151 "C:\Users\administraaror\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AppCloudUpdater.job - C:\Users\ADMINI~1\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\AppSafe.job - C:\Program Files (x86)\AppSafe\AppSafe.exe -scan C:\Windows\tasks\Digital Sites.job - C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\DriverDoc_UPDATES.job - C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe -updatecheck C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun C:\Windows\tasks\FoxTab.job - C:\Users\ADMINI~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\Norton Security Scan for administraaror.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled C:\Windows\tasks\Tuneup Pro_DEFAULT.job - C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe -default C:\Windows\tasks\Tuneup Pro_UPDATES.job - C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe -updatecheck ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}] Speed Test 127 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In 
SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-04 537576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9}] Free Games 111 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-04 193512] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}] IEPlugin Class - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}] Speed Test 127 [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13070af0-bc6c-4185-8baa-40a4cf05b323}] Bizzybolt [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9519AF7E-638D-4933-BAD6-D33D23C79FE5}] ToolbarBHO Class - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9}] Free Games 111 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] mysearchdial Helper Object - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {F301665A-12F8-4331-804A-5BCBD379668C} - RAW Thumbnail Viewer - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll [] {3004627E-F8E9-4E8B-909D-316753CBA923} - mysearchdial Toolbar - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll [] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008] "PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-21 1797064] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AppSafe"=C:\Program Files (x86)\AppSafe\AppSafe.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"=C:\Windows\system32\cmd.exe [2012-07-26 
404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992] "Uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"=C:\Windows\system32\cmd.exe [2012-07-26 404992] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APVXDWIN"=C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE [2013-09-30 1062880] "SCANINICIO"=C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe [2013-09-30 71648] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\administraaror\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr] C:\Windows\system32\avldr64.dll [2010-03-24 64768] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe] "Debugger=" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm 
"vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi1"=wdmaud.drv "mixer3"=wdmaud.drv "aux1"=wdmaud.drv "wave4"=wdmaud.drv "midi2"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\PROGRA~2\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* .vbs - open - C:\PROGRA~2\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-08-20 09:34:37 ----D---- C:\rsit 2014-08-20 09:34:37 ----D---- C:\Program Files\trend micro 2014-08-20 08:02:04 ----D---- C:\Program Files (x86)\Trend Micro 2014-08-13 12:37:05 ----D---- C:\Program Files\iPod 2014-08-13 12:37:03 ----D---- C:\Program Files\iTunes 2014-08-13 12:37:03 ----D---- C:\Program Files (x86)\iTunes 2014-08-13 12:33:38 ----D---- C:\Program Files\Bonjour 2014-08-13 12:33:38 ----D---- C:\Program Files (x86)\Bonjour 2014-08-13 09:23:33 ----D---- C:\Program Files (x86)\MyPC Backup 2014-08-13 09:22:56 ----D---- C:\Program Files (x86)\Tuneup Pro 2014-08-13 09:22:36 ----D---- C:\Users\administraaror\AppData\Roaming\Tuneup Pro 2014-08-07 16:55:19 ----D---- C:\Users\administraaror\AppData\Roaming\iStonsoft 2014-08-07 16:55:05 ----D---- C:\Program Files (x86)\iStonsoft 2014-08-07 16:31:56 ----D---- C:\Program Files (x86)\Microsoft OneDrive 2014-08-06 16:11:21 ----A---- C:\Windows\system32\drivers\hdaudbus.sys 2014-08-06 16:11:10 ----A---- C:\Windows\system32\drivers\mountmgr.sys 2014-08-06 16:11:10 ----A---- C:\Windows\system32\drivers\Classpnp.sys 2014-08-06 13:45:31 ----D---- C:\Users\administraaror\AppData\Roaming\DriverCure 2014-08-06 13:45:30 ----D---- C:\Users\administraaror\AppData\Roaming\ParetoLogic 2014-08-06 13:45:19 ----D---- C:\ProgramData\ParetoLogic 2014-08-05 15:30:48 ----D---- C:\Users\administraaror\AppData\Roaming\Apple 
Computer 2014-08-05 15:30:37 ----DC---- C:\Windows\system32\DRVSTORE 2014-08-05 15:30:37 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys 2014-08-05 15:28:35 ----D---- C:\Program Files (x86)\Apple Software Update 2014-08-05 15:27:56 ----D---- C:\Program Files\Common Files\Apple 2014-08-05 15:27:28 ----D---- C:\ProgramData\Apple 2014-08-05 01:38:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2014-08-05 01:38:25 ----A---- C:\Windows\system32\wudriver.dll 2014-08-05 01:38:25 ----A---- C:\Windows\system32\storewuauth.dll 2014-08-05 01:38:22 ----A---- C:\Windows\system32\WUSettingsProvider.dll 2014-08-05 01:38:22 ----A---- C:\Windows\system32\wuauclt.exe 2014-08-05 01:38:19 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2014-08-05 01:38:19 ----A---- C:\Windows\system32\wucltux.dll 2014-08-05 01:38:19 ----A---- C:\Windows\system32\wuaueng.dll 2014-08-05 01:38:19 ----A---- C:\Windows\system32\wuapi.dll 2014-08-05 01:38:12 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2014-08-05 01:38:12 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2014-08-05 01:38:12 ----A---- C:\Windows\system32\wuwebv.dll 2014-08-05 01:38:12 ----A---- C:\Windows\system32\wuapp.exe 2014-08-04 11:17:31 ----D---- C:\Users\administraaror\AppData\Roaming\Software Informer 2014-08-04 11:17:30 ----D---- C:\Program Files\Software Informer 2014-08-04 07:30:53 ----A---- C:\Windows\system32\PavCPL64.dat 2014-08-04 07:30:48 ----A---- C:\Windows\system32\drivers\pavboot64.sys 2014-08-04 07:30:05 ----A---- C:\Windows\SYSWOW64\HHActiveX.dll 2014-08-04 07:29:50 ----A---- C:\Windows\SYSWOW64\TpUtilWow.dll 2014-08-04 07:29:50 ----A---- C:\Windows\SYSWOW64\sysHelper32.dll 2014-08-04 07:29:49 ----A---- C:\Windows\SYSWOW64\PavSHookWow.dll 2014-08-04 07:29:49 ----A---- C:\Windows\SYSWOW64\PavLspHookWow.dll 2014-08-04 07:29:49 ----A---- C:\Windows\SYSWOW64\PavIpcWow.dll 2014-08-04 07:29:49 ----A---- C:\Windows\system32\TpUtil64.dll 2014-08-04 07:29:49 ----A---- C:\Windows\system32\sysHelper64.dll 2014-08-04 07:29:49 ----A---- 
C:\Windows\system32\PavSHook64.dll 2014-08-04 07:29:49 ----A---- C:\Windows\system32\PavLspHook64.dll 2014-08-04 07:29:49 ----A---- C:\Windows\system32\PavIpc64.dll 2014-08-04 07:29:46 ----D---- C:\ProgramData\Panda Security 2014-08-04 07:29:46 ----A---- C:\Windows\system32\drivers\amm6460.sys 2014-08-04 07:29:46 ----A---- C:\Windows\system32\avldr64.dll 2014-08-04 07:29:45 ----D---- C:\Program Files (x86)\Panda Security 2014-08-04 07:29:34 ----A---- C:\Windows\system32\drivers\ShldFlt.sys 2014-07-27 02:46:16 ----D---- C:\Windows\system32\drivers\NSSx64 2014-07-27 02:46:16 ----D---- C:\ProgramData\Norton 2014-07-27 02:43:48 ----D---- C:\Windows\SYSWOW64\Adobe 2014-07-27 02:28:51 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe 2014-07-27 01:08:10 ----A---- C:\Windows\Launcher.exe 2014-07-27 01:08:09 ----D---- C:\Program Files (x86)\ZooToolbar 2014-07-27 00:24:35 ----D---- C:\ProgramData\NCH Software 2014-07-26 23:14:54 ----A---- C:\Windows\system32\ExtraInfo.txt 2014-07-26 22:49:59 ----D---- C:\Users\administraaror\AppData\Roaming\rightbackup 2014-07-26 22:49:59 ----D---- C:\Users\administraaror\AppData\Roaming\ASP 2014-07-26 22:29:04 ----D---- C:\ProgramData\Informer Technologies, Inc 2014-07-26 22:13:44 ----A---- C:\Windows\Reimage.ini 2014-07-24 03:48:19 ----D---- C:\Program Files (x86)\DriverToolkit 2014-07-24 03:31:20 ----D---- C:\Users\administraaror\AppData\Roaming\rmi 2014-07-23 13:19:58 ----D---- C:\Users\administraaror\AppData\Roaming\sparta111 2014-07-23 12:52:50 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll 2014-07-23 12:52:50 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll 2014-07-23 12:52:50 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2014-07-23 12:52:50 ----A---- C:\Windows\system32\xactengine3_7.dll 2014-07-23 12:52:50 ----A---- C:\Windows\system32\d3dx10_43.dll 2014-07-23 12:52:50 ----A---- C:\Windows\system32\d3dcsx_43.dll 2014-07-23 12:52:49 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2014-07-23 12:52:49 ----A---- C:\Windows\system32\D3DX9_43.dll 
2014-07-23 12:52:48 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll 2014-07-23 12:52:48 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll 2014-07-23 12:52:48 ----A---- C:\Windows\system32\XAudio2_6.dll 2014-07-23 12:52:48 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2014-07-23 12:52:47 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll 2014-07-23 12:52:47 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll 2014-07-23 12:52:47 ----A---- C:\Windows\system32\xactengine3_6.dll 2014-07-23 12:52:47 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2014-07-23 12:52:46 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll 2014-07-23 12:52:46 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll 2014-07-23 12:52:46 ----A---- C:\Windows\system32\XAudio2_5.dll 2014-07-23 12:52:46 ----A---- C:\Windows\system32\xactengine3_5.dll 2014-07-23 12:52:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll 2014-07-23 12:52:45 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2014-07-23 12:52:44 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll 2014-07-23 12:52:44 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll 2014-07-23 12:52:44 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll 2014-07-23 12:52:44 ----A---- C:\Windows\system32\D3DX9_42.dll 2014-07-23 12:52:44 ----A---- C:\Windows\system32\d3dx11_42.dll 2014-07-23 12:52:44 ----A---- C:\Windows\system32\d3dcsx_42.dll 2014-07-23 12:52:43 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll 2014-07-23 12:52:43 ----A---- C:\Windows\system32\D3DX9_41.dll 2014-07-23 12:52:43 ----A---- C:\Windows\system32\d3dx10_41.dll 2014-07-23 12:52:43 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2014-07-23 12:52:42 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll 2014-07-23 12:52:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll 2014-07-23 12:52:42 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll 2014-07-23 12:52:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll 2014-07-23 12:52:42 ----A---- C:\Windows\system32\XAudio2_4.dll 2014-07-23 12:52:42 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2014-07-23 12:52:42 ----A---- 
C:\Windows\system32\xactengine3_4.dll 2014-07-23 12:52:42 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2014-07-23 12:52:41 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll 2014-07-23 12:52:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll 2014-07-23 12:52:41 ----A---- C:\Windows\system32\d3dx10_40.dll 2014-07-23 12:52:41 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2014-07-23 12:52:40 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll 2014-07-23 12:52:40 ----A---- C:\Windows\system32\D3DX9_40.dll 2014-07-23 12:52:39 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll 2014-07-23 12:52:39 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll 2014-07-23 12:52:39 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll 2014-07-23 12:52:39 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll 2014-07-23 12:52:39 ----A---- C:\Windows\system32\XAudio2_3.dll 2014-07-23 12:52:39 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2014-07-23 12:52:39 ----A---- C:\Windows\system32\xactengine3_3.dll 2014-07-23 12:52:39 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2014-07-23 12:52:38 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll 2014-07-23 12:52:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll 2014-07-23 12:52:38 ----A---- C:\Windows\system32\XAudio2_2.dll 2014-07-23 12:52:38 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2014-07-23 12:52:37 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll 2014-07-23 12:52:37 ----A---- C:\Windows\system32\xactengine3_2.dll 2014-07-23 12:52:36 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll 2014-07-23 12:52:36 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll 2014-07-23 12:52:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll 2014-07-23 12:52:36 ----A---- C:\Windows\system32\D3DX9_39.dll 2014-07-23 12:52:36 ----A---- C:\Windows\system32\d3dx10_39.dll 2014-07-23 12:52:36 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2014-07-23 12:52:35 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll 2014-07-23 12:52:35 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll 2014-07-23 12:52:35 ----A---- C:\Windows\system32\XAudio2_1.dll 
2014-07-23 12:52:35 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2014-07-23 12:52:34 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll 2014-07-23 12:52:34 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll 2014-07-23 12:52:34 ----A---- C:\Windows\system32\xactengine3_1.dll 2014-07-23 12:52:34 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2014-07-23 12:52:33 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll 2014-07-23 12:52:33 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll 2014-07-23 12:52:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll 2014-07-23 12:52:33 ----A---- C:\Windows\system32\D3DX9_38.dll 2014-07-23 12:52:33 ----A---- C:\Windows\system32\d3dx10_38.dll 2014-07-23 12:52:33 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2014-07-23 12:52:32 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll 2014-07-23 12:52:32 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll 2014-07-23 12:52:32 ----A---- C:\Windows\system32\XAudio2_0.dll 2014-07-23 12:52:32 ----A---- C:\Windows\system32\xactengine3_0.dll 2014-07-23 12:52:31 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll 2014-07-23 12:52:31 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll 2014-07-23 12:52:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll 2014-07-23 12:52:31 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2014-07-23 12:52:31 ----A---- C:\Windows\system32\d3dx10_37.dll 2014-07-23 12:52:31 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2014-07-23 12:52:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll 2014-07-23 12:52:30 ----A---- C:\Windows\system32\D3DX9_37.dll 2014-07-23 12:52:29 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll 2014-07-23 12:52:29 ----A---- C:\Windows\system32\xactengine2_10.dll 2014-07-23 12:52:28 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll 2014-07-23 12:52:28 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll 2014-07-23 12:52:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll 2014-07-23 12:52:28 ----A---- C:\Windows\system32\d3dx9_36.dll 2014-07-23 12:52:28 ----A---- C:\Windows\system32\d3dx10_36.dll 2014-07-23 12:52:28 
----A---- C:\Windows\system32\D3DCompiler_36.dll 2014-07-23 12:52:27 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll 2014-07-23 12:52:27 ----A---- C:\Windows\system32\xactengine2_9.dll 2014-07-23 12:52:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll 2014-07-23 12:52:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll 2014-07-23 12:52:26 ----A---- C:\Windows\system32\d3dx10_35.dll 2014-07-23 12:52:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2014-07-23 12:52:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll 2014-07-23 12:52:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll 2014-07-23 12:52:25 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll 2014-07-23 12:52:25 ----A---- C:\Windows\system32\xactengine2_8.dll 2014-07-23 12:52:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2014-07-23 12:52:25 ----A---- C:\Windows\system32\d3dx9_35.dll 2014-07-23 12:52:24 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll 2014-07-23 12:52:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll 2014-07-23 12:52:24 ----A---- C:\Windows\system32\d3dx10_34.dll 2014-07-23 12:52:24 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2014-07-23 12:52:23 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll 2014-07-23 12:52:23 ----A---- C:\Windows\system32\d3dx9_34.dll 2014-07-23 12:52:22 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll 2014-07-23 12:52:22 ----A---- C:\Windows\system32\xinput1_3.dll 2014-07-23 12:52:21 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll 2014-07-23 12:52:21 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll 2014-07-23 12:52:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll 2014-07-23 12:52:21 ----A---- C:\Windows\system32\xactengine2_7.dll 2014-07-23 12:52:21 ----A---- C:\Windows\system32\d3dx10_33.dll 2014-07-23 12:52:21 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2014-07-23 12:52:20 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll 2014-07-23 12:52:20 ----A---- C:\Windows\system32\d3dx9_33.dll 2014-07-23 12:52:19 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll 2014-07-23 12:52:19 ----A---- 
C:\Windows\SYSWOW64\x3daudio1_1.dll 2014-07-23 12:52:19 ----A---- C:\Windows\system32\xactengine2_6.dll 2014-07-23 12:52:19 ----A---- C:\Windows\system32\x3daudio1_1.dll 2014-07-23 12:49:24 ----HD---- C:\Windows\msdownld.tmp 2014-07-23 12:49:16 ----D---- C:\Windows\SYSWOW64\directx 2014-07-23 06:56:01 ----D---- C:\Users\administraaror\AppData\Roaming\InstallShield 2014-07-23 05:31:51 ----D---- C:\Users\administraaror\AppData\Roaming\FreeFixer 2014-07-23 05:31:33 ----D---- C:\Program Files\FreeFixer 2014-07-22 09:00:40 ----A---- C:\Windows\system32\FNTCACHE.DAT 2014-07-22 03:11:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-07-21 15:18:54 ----A---- C:\Windows\system32\win32k.sys 2014-07-21 15:18:34 ----A---- C:\Windows\system32\osk.exe 2014-07-21 15:18:32 ----A---- C:\Windows\SYSWOW64\osk.exe 2014-07-21 15:18:10 ----A---- C:\Windows\system32\InkEd.dll 2014-07-21 15:17:52 ----A---- C:\Windows\system32\lsasrv.dll 2014-07-21 15:17:50 ----A---- C:\Windows\SYSWOW64\SHCore.dll 2014-07-21 15:17:50 ----A---- C:\Windows\system32\SHCore.dll 2014-07-21 15:17:50 ----A---- C:\Windows\system32\lsm.dll 2014-07-21 15:15:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-07-21 15:14:38 ----A---- C:\Windows\system32\mshtml.dll 2014-07-21 15:13:48 ----A---- C:\Windows\system32\ieframe.dll 2014-07-21 15:13:43 ----A---- C:\Windows\system32\jscript9.dll 2014-07-21 15:13:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-07-21 15:13:40 ----A---- C:\Windows\system32\iedkcs32.dll 2014-07-21 15:13:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-07-21 15:13:35 ----A---- C:\Windows\system32\iertutil.dll 2014-07-21 15:13:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-07-21 15:13:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-07-21 15:13:32 ----A---- C:\Windows\system32\wininet.dll 2014-07-21 15:13:32 ----A---- C:\Windows\system32\urlmon.dll 2014-07-21 15:13:30 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-07-21 15:13:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-07-21 
15:13:29 ----A---- C:\Windows\system32\jscript.dll 2014-07-21 15:13:29 ----A---- C:\Windows\system32\dxtmsft.dll 2014-07-21 15:13:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-07-21 15:13:26 ----A---- C:\Windows\system32\msfeeds.dll 2014-07-21 15:13:26 ----A---- C:\Windows\system32\dxtrans.dll 2014-07-21 15:13:25 ----A---- C:\Windows\SYSWOW64\jscript.dll 2014-07-21 15:13:25 ----A---- C:\Windows\system32\uxtheme.dll 2014-07-21 15:13:25 ----A---- C:\Windows\system32\mshtmled.dll 2014-07-21 15:13:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-07-21 15:13:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-07-21 15:13:24 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2014-07-21 15:13:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-07-21 15:13:24 ----A---- C:\Windows\system32\iesysprep.dll 2014-07-21 15:13:23 ----A---- C:\Windows\SYSWOW64\UXInit.dll 2014-07-21 15:13:23 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-07-21 15:13:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-07-21 15:13:23 ----A---- C:\Windows\system32\UXInit.dll 2014-07-21 15:13:23 ----A---- C:\Windows\system32\msrating.dll 2014-07-21 15:13:23 ----A---- C:\Windows\system32\jsproxy.dll 2014-07-21 15:13:23 ----A---- C:\Windows\system32\iernonce.dll 2014-07-21 15:13:23 ----A---- C:\Windows\system32\ie4uinit.exe 2014-07-21 15:13:22 ----A---- C:\Windows\SYSWOW64\uxtheme.dll 2014-07-21 15:13:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-07-21 15:13:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-07-21 15:13:22 ----A---- C:\Windows\system32\iesetup.dll 2014-07-21 15:13:15 ----A---- C:\Windows\system32\drivers\afd.sys 2014-07-21 15:13:14 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-07-21 15:13:14 ----A---- C:\Windows\system32\qedit.dll 2014-07-08 07:08:38 ----D---- C:\ProgramData\systemk 2014-06-22 15:35:16 ----HDC---- C:\ProgramData\{65645173-D674-42EE-9CA4-E050D7BF480F} 2014-06-22 15:35:06 ----D---- C:\Program Files (x86)\KPN 2014-06-20 02:39:32 ----A---- C:\Windows\FixCamera.exe 2014-06-20 
02:39:32 ----A---- C:\Windows\Amcap.exe 2014-06-20 02:39:31 ----A---- C:\Windows\system32\vsnp2std.dll 2014-06-19 18:57:01 ----D---- C:\Users\administraaror\AppData\Roaming\Solvusoft 2014-06-18 20:19:53 ----A---- C:\Windows\system32\ntoskrnl.exe 2014-06-18 20:19:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2014-06-18 20:19:52 ----A---- C:\Windows\system32\ntdll.dll 2014-06-18 20:19:52 ----A---- C:\Windows\system32\localspl.dll 2014-06-18 20:19:51 ----A---- C:\Windows\SYSWOW64\WSShared.dll 2014-06-18 20:19:51 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-18 20:19:51 ----A---- C:\Windows\SYSWOW64\Robocopy.exe 2014-06-18 20:19:51 ----A---- C:\Windows\system32\WSShared.dll 2014-06-18 20:19:51 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-18 20:19:51 ----A---- C:\Windows\system32\Robocopy.exe 2014-06-15 18:00:08 ----D---- C:\Users\administraaror\AppData\Roaming\com.goplayalong 2014-06-15 18:00:06 ----D---- C:\Users\administraaror\AppData\Roaming\com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1 2014-06-14 09:59:33 ----D---- C:\Users\administraaror\AppData\Roaming\BabSolution 2014-06-13 09:36:45 ----A---- C:\Windows\system32\rdpudd.dll 2014-06-13 09:36:45 ----A---- C:\Windows\system32\rdpcorets.dll 2014-06-13 09:36:40 ----A---- C:\Windows\system32\wusa.exe 2014-06-13 09:36:40 ----A---- C:\Windows\system32\drivers\srv2.sys 2014-06-13 09:36:39 ----A---- C:\Windows\SYSWOW64\wusa.exe 2014-06-13 09:36:35 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2014-06-13 09:36:35 ----A---- C:\Windows\system32\gdi32.dll 2014-06-13 09:35:26 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-06-13 09:35:25 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-06-13 09:35:25 ----A---- C:\Windows\system32\msxml3.dll 2014-06-10 21:50:24 ----A---- C:\Windows\system32\usbaaplrc.dll 2014-06-10 21:50:24 ----A---- C:\Windows\system32\drivers\usbaapl64.sys 2014-06-09 00:04:56 ----D---- C:\Program Files\McAfee 
Security Scan 2014-06-06 02:28:36 ----D---- C:\ProgramData\Screaming Bee 2014-06-05 02:51:41 ----A---- C:\Windows\system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}w64.sys 2014-06-05 01:46:30 ----D---- C:\Users\administraaror\AppData\Roaming\YourFileDownloader 2014-05-28 03:36:05 ----A---- C:\Windows\system32\drivers\ArcSoftKsUFilter.sys 2014-05-28 03:35:56 ----A---- C:\Windows\SYSWOW64\PCDLIB32.DLL ======List of files/folders modified in the last 3 months====== 2014-08-20 09:34:37 ----RD---- C:\Program Files 2014-08-20 09:31:49 ----D---- C:\Windows\Temp 2014-08-20 09:23:09 ----D---- C:\Windows\system32\Tasks 2014-08-20 09:00:00 ----D---- C:\Windows\system32\sru 2014-08-20 08:02:05 ----SHD---- C:\Windows\Installer 2014-08-20 08:02:04 ----SD---- C:\Users\administraaror\AppData\Roaming\Microsoft 2014-08-20 08:02:04 ----RD---- C:\Program Files (x86) 2014-08-20 08:01:08 ----D---- C:\Windows\Prefetch 2014-08-20 07:34:47 ----SHD---- C:\System Volume Information 2014-08-20 07:22:34 ----D---- C:\Windows\tracing 2014-08-20 07:17:13 ----D---- C:\Windows\system32\config 2014-08-20 06:59:56 ----D---- C:\Users\administraaror\AppData\Roaming\vlc 2014-08-20 06:49:49 ----D---- C:\Windows\WinSxS 2014-08-20 06:46:29 ----D---- C:\Windows\system32\catroot2 2014-08-20 06:44:39 ----D---- C:\Windows\Minidump 2014-08-20 06:44:39 ----D---- C:\Windows 2014-08-20 06:24:36 ----D---- C:\Windows\AUInstallAgent 2014-08-20 06:24:35 ----HD---- C:\Program Files\WindowsApps 2014-08-20 06:20:47 ----RD---- C:\Windows\System32 2014-08-20 06:20:44 ----D---- C:\ProgramData\NVIDIA 2014-08-20 04:53:56 ----D---- C:\Windows\Microsoft.NET 2014-08-13 12:47:31 ----D---- C:\Windows\Inf 2014-08-13 12:38:17 ----D---- C:\Windows\SysWOW64 2014-08-13 12:38:16 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-13 12:30:07 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-08-13 09:23:09 ----D---- C:\Windows\Tasks 2014-08-11 23:22:34 ----HD---- C:\ProgramData 2014-08-11 22:59:32 ----D---- 
C:\Windows\system32\Drivers 2014-08-07 22:46:00 ----D---- C:\Program Files (x86)\Common Files 2014-08-06 19:22:48 ----D---- C:\Windows\rescache 2014-08-06 16:15:48 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-08-06 16:15:48 ----D---- C:\Windows\system32\nl-NL 2014-08-06 16:15:47 ----D---- C:\Windows\system32\DriverStore 2014-08-06 16:10:52 ----D---- C:\Windows\CbsTemp 2014-08-06 15:13:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-08-05 19:05:32 ----A---- C:\Windows\system32\roboot64.exe 2014-08-05 15:28:33 ----D---- C:\Windows\system32\catroot 2014-08-05 15:27:56 ----D---- C:\Program Files\Common Files 2014-08-04 14:01:29 ----D---- C:\Windows\system32\wbem 2014-08-04 14:00:32 ----D---- C:\Windows\system32\drivers\etc 2014-08-04 14:00:32 ----D---- C:\Windows\system32\CodeIntegrity 2014-08-04 14:00:14 ----D---- C:\ProgramData\McAfee Security Scan 2014-08-04 13:59:30 ----D---- C:\Windows\registration 2014-08-04 13:59:03 ----D---- C:\Windows\system32\Sysprep 2014-08-04 13:57:44 ----SD---- C:\ProgramData\Microsoft 2014-08-04 13:26:14 ----D---- C:\Windows\system32\NDF 2014-07-27 02:28:56 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2014-07-27 02:27:59 ----RD---- C:\Users 2014-07-27 02:27:59 ----D---- C:\Program Files\NVIDIA Corporation 2014-07-27 01:35:40 ----A---- C:\Windows\win.ini 2014-07-27 00:19:13 ----D---- C:\Users\administraaror\AppData\Roaming\NCH Software 2014-07-26 23:35:25 ----D---- C:\ProgramData\Temp 2014-07-26 22:58:53 ----D---- C:\Users\administraaror\AppData\Roaming\Systweak 2014-07-26 20:22:39 ----A---- C:\Windows\SYSWOW64\engine.dll 2014-07-24 23:33:35 ----D---- C:\Program Files\Microsoft Silverlight 2014-07-24 23:33:31 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-07-24 03:31:29 ----D---- C:\Users\administraaror\AppData\Roaming\OpenCandy 2014-07-23 12:17:59 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-23 12:17:54 ----D---- C:\Program Files\Internet Explorer 2014-07-23 12:17:54 ----D---- 
C:\Program Files\Dell 2014-07-23 12:17:49 ----D---- C:\Program Files\Windows Journal 2014-07-23 12:14:39 ----D---- C:\Users\administraaror\AppData\Roaming\ArcSoft 2014-07-23 12:14:17 ----D---- C:\Windows\PolicyDefinitions 2014-07-23 12:14:10 ----D---- C:\Windows\ShellNew 2014-07-23 12:14:04 ----D---- C:\Windows\system32\drivers\UMDF 2014-07-23 12:14:03 ----D---- C:\Windows\system32\SecureBootUpdates 2014-07-23 12:14:00 ----D---- C:\Windows\WinStore 2014-07-23 12:14:00 ----D---- C:\Windows\twain_32 2014-07-23 08:52:00 ----D---- C:\Program Files\Common Files\Services 2014-07-23 07:23:10 ----D---- C:\Users\administraaror\AppData\Roaming\Research in Motion 2014-07-23 07:22:37 ----RSD---- C:\Windows\Fonts 2014-07-23 06:57:58 ----D---- C:\Windows\SYSWOW64\drivers 2014-07-22 03:05:07 ----D---- C:\Windows\system32\MRT 2014-07-22 03:03:18 ----A---- C:\Windows\system32\MRT.exe 2014-06-20 02:13:55 ----RSD---- C:\Windows\assembly 2014-06-18 20:10:42 ----D---- C:\Program Files (x86)\IObit 2014-05-28 03:36:12 ----D---- C:\Windows\System ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 pavboot;Panda boot driver; C:\Windows\system32\Drivers\pavboot64.sys [2010-06-22 30792] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-07-27 486192] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528] R1 ShldFlt;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShldFlt.sys [2009-10-27 48136] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000] R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm6460.sys [2012-03-26 71432] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144] R3 AN983X64;@oem5.inf,%ADM9X64.Service.DispName%;Infineon AN983B PCI Fast Ethernet Adapter for Windows X64; C:\Windows\system32\DRIVERS\AN983X64.sys [2005-05-19 48128] R3 
e1express;@nete1e3e.inf,%E1Express.Service.DispName%;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032e.sys [2012-06-02 300544] R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-03-21 12708128] R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\syswow64\PavTPK.sys [] R3 RimVSerPort;@oem21.inf,%RimVSerPort%;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2012-07-26 11776] R3 stdriver;SoundTap Filter Driver v6.07.00; C:\Windows\system32\DRIVERS\stdriverx64.sys [2014-05-16 33488] R3 VCSVADHWSer;@oem19.inf,%DeviceName% (WDM);Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504] R3 voxaldriver;Voxal Filter Driver 2.12.01; C:\Windows\system32\DRIVERS\voxaldriverx64.sys [2014-05-16 34512] S3 61883;@61883.inf,%61883_Unit.ServiceDesc%;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys [2012-07-26 61440] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-03 19968] S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712] S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040] S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752] S3 netr7364;@netr7364.inf,%General.Service.DispName%;Stuurprogramma voor RT73 USB Extensible draadloze 
LAN-kaart; C:\Windows\system32\DRIVERS\netr7364.sys [2012-06-02 729152] S3 PAC207;@oem7.inf,%str_Description%;PC Camer@; C:\Windows\system32\DRIVERS\PFC027.SYS [2008-02-13 686592] S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672] S3 ScreamBAudioSvc;@oem14.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992] S3 scvad_simple;@oem12.inf,%scvad_simple.SvcDesc%;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-04-24 23552] S3 SNP2STD;@oem24.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [] S3 splitcam_hd_driver;@oem11.inf,%splitcam_hd_driver.DeviceDesc%;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-07-12 37496] S3 USBAAPL64;@oem22.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784] S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-02 43008] S4 ManyCam;@oem15.inf,%ManyCam.DeviceDesc%;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 52128] S4 mcaudrv_simple;@oem16.inf,%mcaudrv_simple.SvcDesc%;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336] R2 BackupStack;Computer Backup (MyPC Backup); 
C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-07-22 36424] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968] R2 Panda Software Controller;Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe [2012-11-19 177440] R2 PAVFNSVR;Panda Function Service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe [2012-09-21 202016] R2 PavPrSrv;Panda Process Protection Service; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768] R2 PskSvcRetail;Panda PSK service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe [2010-08-16 28992] R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2013-04-25 75584] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936] R2 TPSrv;Panda TPSrv; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe [2012-11-16 173344] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 116648] S2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe [2011-04-13 313664] S2 PSIMSVC;Panda IManager Service; C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsImSvc.exe [2008-06-19 108288] S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-24 262320] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] -----------------EOF-----------------
  3. It concerns my rtl120.bpl, which is missing. I also regularly get a blue screen, which then says IRQL_GT_ZERO_AT_SYSTEM_SERVICE, and I would like to solve that. And where can I download RSIT, do you have a link?
  4. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:35:02, on 20-8-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.17028) Boot mode: Normal Running processes: C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2014\WebProxy.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\ZooToolbar\WBrokerSockets.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\ADMINI~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Max Start Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://www.nationzoom.com/web/?type=ds&ts=1389673782&from=tugs&uid=WDCXWD2500JS-60NCB1_WD-WCANK882271822718&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1389673782&from=tugs&uid=WDCXWD2500JS-60NCB1_WD-WCANK882271822718&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Speedial Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fRrvugmxlJOT40l3ePPj8-059HVvGjtksvRS5aNdwvQREAWYh-OuJd7Eabt6VqBBcrl01-8tyMsgnvW6-FEEQnLKnilEwCwj6RL-wGPwN0LnSSNESDPz-ZYUcUkNDkp4Gg_bZp5t4SCCjWO9uTnXdWUVtv-pYHmMx0acyiLrdu3js_YLGOLDnweR92Jsk0Y,&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL (file missing) O2 - BHO: Speed Test 127 - {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - (no file) O2 - BHO: Bizzybolt - {13070af0-bc6c-4185-8baa-40a4cf05b323} - (no 
file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: ToolbarBHO Class - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (file missing) O2 - BHO: Free Games 111 - {C45EC9F0-8333-465D-9728-074BD41985C9} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (file missing) O3 - Toolbar: RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (file missing) O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (file missing) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [AppSafe] C:\Program Files (x86)\AppSafe\AppSafe.exe O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] C:\Windows\system32\cmd.exe /q /c rmdir /s /q 
"C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_2" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1" O4 - HKCU\..\RunOnce: [uninstall 
C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\administraaror\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512" O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O4 - Global Startup: McAfee 
Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Panda Software Controller - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16820 bytes