Logfile of random's system information tool 1.10 (written by random/random)
Run by VDB219 at 2014-06-23 09:30:29
Microsoft Windows 8
System drive C: has 867 GB (92%) free of 943 GB
Total RAM: 10150 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:30:33, on 23/06/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16921)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\VDB219\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\VDB219\AppData\Roaming\Spotify\spotify.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Acer Remote\ArcServer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\VDB219\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\Acer\Acer Portal\sdd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IncrediMail\Bin\ImNotfy.exe
C:\Program Files\trend micro\VDB219.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [AcerCloud] "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\VDB219\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Spotify] "C:\Users\VDB219\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-21-2191953796-1962370350-3912698429-1002\..\RunOnce: [RegAutoPlay] C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\Acer Media_\RegAutoPlay.reg" (User '_ocster_backup_')
O4 - HKUS\S-1-5-21-2191953796-1962370350-3912698429-1002\..\RunOnce: [RegDXVA1] C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\Acer Media_\SwitchUserVideoKey.reg" (User '_ocster_backup_')
O4 - Startup: Dropbox.lnk = VDB219\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Acer Remote.lnk = C:\Program Files (x86)\Acer Remote\ArcServer.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: McAfee Application Installer Cleanup (0026421402673984) (0026421402673984mcinstcleanup) - - (no file)
O23 - Service: ABVisie Firebird 2 server (ABVisieFirebird2) - FirebirdSQL Project - C:\Program Files (x86)\ABVisie\Firebird2\bin\fbserver.exe
O23 - Service: ABVisie License Server (ABVLicenseServerService) - ABVisie - C:\Program Files (x86)\ABVisie\LicenseServer\bin\ABVLicenseServer.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GoodSync Runner (GsRunner) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Ocster Backup (ocster_backup) - Unknown owner - c:\Program Files\Ocster Backup\bin\backupService-ox.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18154 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\ABVisie\Firebird2\bin\fbserver.exe" -s
"C:\Program Files (x86)\ABVisie\LicenseServer\bin\ABVLicenseServer.exe"
"C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe"
dashost.exe {d1ea501e-615d-4b21-be1ce867344abced}
"C:\Program Files\Siber Systems\GoodSync\GoodSync.exe" /runner-service="C:/Users/VDB219/AppData/Roaming/GoodSync"
"C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe" /service
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"c:\Program Files\Ocster Backup\bin\backupService-ox.exe" "--controlFolder=c:\ProgramData\Ocster Backup\control" "--id=ocster_backup" daemon
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"c:\Program Files\Ocster Backup\bin\oxHelper.exe" watchDog backupDaemon 3468 "c:\Users\_OCSTE~1\AppData\Local\Temp\oxHelperParam-3468-656d94594eb147cf"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss da8e14d1-c5e1-4c48-8c40-a2c7dd5bdff7 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-65655396-9651-40b6-9b6b-94f890797d34 -SystemEventPortName:HostProcess-cb84736d-bf34-402c-82c0-a6eedd758ac1 -IoCancelEventPortName:HostProcess-58df3a38-0eaa-451a-8a3b-fe523fca4d05 -NonStateChangingEventPortName:HostProcess-6943745e-54fd-4a3b-ad73-51efbfcf23fc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6fb42388-7737-4b56-a2d7-d889701c6762 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe" /scan
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\System32\WinLogon.exe -SpecialSession -hiberboot
"C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
taskhostex.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /HotCorners
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
C:\Windows\System32\RuntimeBroker.exe -Embedding
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Ocster Backup\bin\backupClient-ox.exe" --hidden
"C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe" /c
"C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\VDB219\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Ocster Backup\bin\oxHelper.exe" watchDog backupClient 14152 "c:\Users\VDB219\AppData\Local\Temp\oxHelperParam-14152-5791b8841b50799d"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\VDB219\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Acer Remote\ArcServer.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Acer\Acer Portal\ccd.exe" "C:\Users\VDB219\AppData\Local\clear.fi\AcerCloud\SyncAgent" S-1-5-21-2191953796-1962370350-3912698429-1001 464 476 "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Users\VDB219\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /SkipFUE /RemoteOCXLaunch
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="7092.0.821569040\2104285802" /prefetch:673131151
"C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="7092.1.1637113115\531204350" /prefetch:673131151
"C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="7092.2.1765850939\206408325" /prefetch:673131151
"C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="7092.3.55215289\361219330" /prefetch:673131151
"C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="7092.4.904314334\1597982339" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x104b --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe" -Embedding
"C:\Program Files (x86)\Acer\Acer Portal\sdd.exe" -c
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --silent-launch --viewer-connect
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -ServerName:DefaultBrowserServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="14240.0.1690241064\96183465" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x104b --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411
"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.ModernPhotos.wwa
"C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="14240.29.976781993\43579692" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="14240.30.797879545\1436828215" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\VDB219\Downloads\RSITx64 (1).exe"
"C:\Program Files (x86)\IncrediMail\Bin\ImNotfy.exe" -Embedding

======Scheduled tasks folder======

C:\Windows\tasks\ASC7_SkipUac_VDB219.job - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\Driver Booster SkipUAC (SYSTEM).job - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac
C:\Windows\tasks\Gameo Updater.job - C:\Users\VDB219\AppData\Roaming\GameoUpdater\UpdateProc\UpdateTask.exe /Check
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Uninstaller_SkipUac_Administrator.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - C:\Users\VDB219\AppData\Roaming\Mozilla\Firefox\Profiles\22qdb16s.default

prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "https://www.google.com/search"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
belgiumeid@eid.belgium.be

C:\Users\VDB219\AppData\Roaming\Mozilla\Firefox\Profiles\22qdb16s.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-05-02 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-28 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-30 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-04-24 290792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-02 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-28 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-30 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-04-24 239280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-02 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-30 256456]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-04-24 290792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-30 194504]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-04-24 239280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-15 13191312]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Ocster Backup"=C:\Program Files\Ocster Backup\bin\backupClient-ox.exe [2014-02-04 312664]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-05-31 133248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [2014-03-30 367016]
"Spotify Web Helper"=C:\Users\VDB219\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-05-15 1176632]
"AcerCloud"=C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-05-02 18249472]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-06-05 24474752]
"SkyDrive"=C:\Users\VDB219\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-05-15 257224]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-18 2285344]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]
"Spotify"=C:\Users\VDB219\AppData\Roaming\Spotify\Spotify.exe [2014-05-15 6170168]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-03-30 39408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-03-12 134616]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-06 3890208]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-04-17 1596224]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-05-31 133248]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Remote.lnk - C:\Program Files (x86)\Acer Remote\ArcServer.exe

C:\Users\VDB219\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\VDB219\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2014-06-23 09:23:23 ----D---- C:\rsit
2014-06-23 09:23:23 ----D---- C:\Program Files\trend micro
2014-06-22 13:41:29 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-06-22 13:41:03 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-22 13:41:03 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-06-22 13:41:03 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-06-22 13:41:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-06-21 11:09:23 ----A---- C:\Windows\SYSWOW64\drivers\mbam.sys
2014-06-21 11:09:19 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2014-06-21 11:09:17 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-19 07:58:07 ----A---- C:\Windows\system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys
2014-06-15 11:26:07 ----HD---- C:\OneDriveTemp
2014-06-15 08:59:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-06-13 11:41:55 ----D---- C:\Users\VDB219\AppData\Roaming\GoodSync
2014-06-13 11:41:55 ----D---- C:\ProgramData\GoodSync
2014-06-13 11:41:38 ----D---- C:\Program Files\Siber Systems
2014-06-12 11:44:42 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-12 11:44:41 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-06-12 11:44:41 ----A---- C:\Windows\system32\rdpudd.dll
2014-06-12 11:44:41 ----A---- C:\Windows\system32\gdi32.dll
2014-06-12 11:44:40 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-06-12 11:44:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-12 11:44:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-12 11:44:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-06-12 11:44:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-12 11:44:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-12 11:44:40 ----A---- C:\Windows\system32\iernonce.dll
2014-06-12 11:44:39 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-06-12 11:44:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-12 11:44:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-12 11:44:39 ----A---- C:\Windows\system32\UXInit.dll
2014-06-12 11:44:39 ----A---- C:\Windows\system32\urlmon.dll
2014-06-12 11:44:39 ----A---- C:\Windows\system32\msrating.dll
2014-06-12 11:44:39 ----A---- C:\Windows\system32\iesysprep.dll
2014-06-12 11:44:39 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-12 11:44:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-12 11:44:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-12 11:44:37 ----A---- C:\Windows\system32\uxtheme.dll
2014-06-12 11:44:37 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-12 11:44:37 ----A---- C:\Windows\system32\iesetup.dll
2014-06-12 11:44:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-12 11:44:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-12 11:44:36 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-12 11:44:36 ----A---- C:\Windows\system32\ieframe.dll
2014-06-12 11:44:36 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-12 11:44:35 ----A---- C:\Windows\system32\wininet.dll
2014-06-12 11:44:35 ----A---- C:\Windows\system32\jscript.dll
2014-06-12 11:44:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-12 11:44:34 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-12 11:44:33 ----A---- C:\Windows\system32\mshtml.dll
2014-06-12 11:44:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-12 11:44:27 ----A---- C:\Windows\system32\iertutil.dll
2014-06-12 11:44:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-06-12 11:44:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-12 11:44:26 ----A---- C:\Windows\system32\jscript9.dll
2014-06-12 11:44:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-12 11:44:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-12 11:44:12 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-12 11:44:11 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-12 11:44:11 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 10:58:02 ----D---- C:\Users\VDB219\AppData\Roaming\Mozilla
2014-06-11 10:57:55 ----D---- C:\ProgramData\Mozilla
2014-06-11 10:57:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-02 17:57:19 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-06-02 17:57:19 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-06-02 17:57:19 ----A---- C:\Windows\system32\nvspcap64.dll
2014-06-02 17:57:19 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-05-31 07:47:09 ----A---- C:\IFRToolLog.txt
2014-05-30 15:55:23 ----D---- C:\ProgramData\Intel(R) Update Manager
2014-05-27 10:50:34 ----D---- C:\Users\VDB219\AppData\Roaming\Identities
2014-05-26 12:37:41 ----A---- C:\Windows\system32\mfevtps.exe
2014-05-26 10:29:06 ----A---- C:\Windows\SYSWOW64\wusa.exe
2014-05-26 10:29:06 ----A---- C:\Windows\system32\wusa.exe
2014-05-26 10:29:06 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-05-26 10:29:06 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-05-26 09:35:41 ----D---- C:\Program Files (x86)\Windows Kits
2014-05-25 18:04:04 ----D---- C:\Users\VDB219\AppData\Roaming\Skype
2014-05-25 18:03:55 ----RD---- C:\Program Files (x86)\Skype
2014-05-25 18:03:47 ----D---- C:\ProgramData\Skype
2014-05-25 15:40:06 ----D---- C:\ProgramData\WinZip
2014-05-25 15:40:03 ----D---- C:\Program Files\WinZip
2014-05-24 11:21:01 ----D---- C:\Users\VDB219\AppData\Roaming\WinRAR
2014-05-24 11:20:40 ----D---- C:\Program Files (x86)\WinRAR
2014-05-24 11:16:23 ----D---- C:\Users\VDB219\AppData\Roaming\Ashampoo

======List of files/folders modified in the last 1 month======

2014-06-23 09:30:34 ----D---- C:\Windows\Prefetch
2014-06-23 09:30:30 ----D---- C:\Windows\Temp
2014-06-23 09:23:23 ----RD---- C:\Program Files
2014-06-23 09:23:03 ----D---- C:\Windows\system32\catroot2
2014-06-23 09:01:12 ----D---- C:\Users\VDB219\AppData\Roaming\Spotify
2014-06-23 08:00:00 ----D---- C:\Windows\system32\sru
2014-06-23 07:08:48 ----D---- C:\Windows\Microsoft.NET
2014-06-23 07:08:06 ----D---- C:\Windows\debug
2014-06-23 06:57:14 ----D---- C:\Users\VDB219\AppData\Roaming\Dropbox
2014-06-23 06:56:35 ----D---- C:\Users\VDB219\AppData\Roaming\DropboxMaster
2014-06-22 22:30:58 ----D---- C:\Windows\Inf
2014-06-22 22:30:58 ----D---- C:\Windows
2014-06-22 18:09:46 ----D---- C:\Windows\system32\Drivers
2014-06-22 18:09:34 ----RD---- C:\Windows\System32
2014-06-22 18:09:34 ----D---- C:\Windows\system32\drivers\UMDF
2014-06-22 14:17:02 ----SHD---- C:\Windows\Installer
2014-06-22 14:12:50 ----RD---- C:\Program Files (x86)
2014-06-22 14:00:38 ----D---- C:\ProgramData\boost_interprocess
2014-06-22 13:58:07 ----D---- C:\Windows\SoftwareDistribution
2014-06-22 13:57:46 ----D---- C:\ProgramData\NVIDIA
2014-06-22 13:55:51 ----D---- C:\Users\VDB219\AppData\Roaming\GameoUpdater
2014-06-22 13:41:03 ----D---- C:\ProgramData\Malwarebytes
2014-06-22 11:38:38 ----D---- C:\Program Files (x86)\WildTangent Games
2014-06-22 11:04:31 ----D---- C:\derby
2014-06-22 10:20:52 ----A---- C:\Windows\win.ini
2014-06-22 09:44:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-21 11:21:06 ----D---- C:\Windows\system32\config
2014-06-21 11:09:23 ----D---- C:\Windows\SYSWOW64\drivers
2014-06-21 09:14:52 ----D---- C:\Windows\system32\NDF
2014-06-21 07:53:15 ----SHD---- C:\System Volume Information
2014-06-19 11:16:32 ----D---- C:\ProgramData\ProductData
2014-06-18 14:14:10 ----D---- C:\Windows\system32\Tasks
2014-06-18 07:14:57 ----D---- C:\Windows\AUInstallAgent
2014-06-18 07:14:36 ----HD---- C:\Program Files\WindowsApps
2014-06-17 15:36:55 ----SD---- C:\Users\VDB219\AppData\Roaming\Microsoft
2014-06-15 09:39:20 ----D---- C:\Windows\WinSxS
2014-06-15 08:59:42 ----D---- C:\Windows\SysWOW64
2014-06-14 18:37:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-14 18:37:19 ----D---- C:\Program Files\Internet Explorer
2014-06-13 11:41:55 ----HD---- C:\ProgramData
2014-06-13 09:01:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-13 08:16:50 ----D---- C:\Windows\CbsTemp
2014-06-13 08:15:52 ----D---- C:\ProgramData\Microsoft Help
2014-06-13 08:15:34 ----D---- C:\Windows\system32\MRT
2014-06-13 08:12:48 ----A---- C:\Windows\system32\MRT.exe
2014-06-11 10:30:07 ----D---- C:\Program Files (x86)\Belgium Identity Card
2014-06-11 10:29:58 ----D---- C:\drivers
2014-06-03 07:13:24 ----D---- C:\Windows\Logs
2014-06-02 17:56:55 ----D---- C:\Program Files\NVIDIA Corporation
2014-05-31 07:52:16 ----D---- C:\Windows\system32\DriverStore
2014-05-31 07:47:06 ----D---- C:\ProgramData\Intel
2014-05-30 15:55:48 ----D---- C:\Program Files (x86)\Intel
2014-05-29 09:30:00 ----RSD---- C:\Windows\assembly
2014-05-27 13:04:21 ----D---- C:\Program Files (x86)\McAfee
2014-05-26 12:38:23 ----D---- C:\Program Files\Common Files\mcafee
2014-05-26 12:38:07 ----HD---- C:\Windows\ELAMBKUP
2014-05-26 10:34:54 ----D---- C:\Windows\rescache
2014-05-26 10:29:10 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-05-26 10:29:10 ----D---- C:\Windows\system32\nl-NL
2014-05-26 09:50:27 ----D---- C:\Windows\system32\catroot
2014-05-25 18:03:56 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;@oem26.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-05-15 447888]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-28 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-28 208416]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-04-03 784760]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-04-03 346760]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2014-03-30 52856]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-03-30 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-28 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 ccSet_NARA;NARA Settings Manager; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-28 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-11-10 104280]
R3 AthBTPort;@oem25.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-05-31 89800]
R3 BTATH_A2DP;@oem24.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-05-31 347336]
R3 btath_avdt;@oem24.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-05-31 115912]
R3 BTATH_BUS;@oem21.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-05-31 34384]
R3 BTATH_HCRP;@oem27.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-05-31 179432]
R3 BTATH_LWFLT;@oem29.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-05-31 77464]
R3 BTATH_RCP;@oem31.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-05-31 136784]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-05-31 586952]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-04-21 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-04-21 74752]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-04-03 70592]
R3 e1dexpress;@oem8.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d63x64.sys [2013-04-23 468240]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-15 4102928]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-06-23 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 64216]
R3 MEIx64;@oem18.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2013-03-12 64624]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-04-03 177544]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-04-03 311856]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-04-03 522360]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2014-03-18 441264]
R3 NVHDA;@oem37.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-03-04 12708128]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem40.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-04-03 69352]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-28 29208]
S3 athr;@oem20.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-05-17 3847168]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 cxbu0x64;@oem34.inf,%VID1PID1ReaderDescription%;OMNIKEY 3x21; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2014-04-05 147576]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2014-03-18 96592]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\System32\drivers\usbscan.sys [2013-07-02 43008]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABVisieFirebird2;ABVisie Firebird 2 server; C:\Program Files (x86)\ABVisie\Firebird2\bin\fbserver.exe [2006-10-31 1990656]
R2 ABVLicenseServerService;ABVisie License Server; C:\Program Files (x86)\ABVisie\LicenseServer\bin\ABVLicenseServer.exe [2011-09-05 998912]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-05-31 310912]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-28 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-04-28 109048]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2014-02-13 2798336]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 GsRunner;GoodSync Runner; C:\Program Files\Siber Systems\GoodSync\GoodSync.exe [2014-06-13 13669520]
R2 GsServer;GoodSync Server; C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe [2014-06-13 8984720]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-01-24 342336]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-03-12 131544]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-01-04 183200]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-04-25 178528]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-03-18 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-04-03 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-04-03 189912]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2014-04-09 4343664]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 ocster_backup;Ocster Backup; c:\Program Files\Ocster Backup\bin\backupService-ox.exe [2014-02-04 23896]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2014-06-06 72992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-01-18 660040]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-02 2153792]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-30 651720]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-05-05 203344]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-30 194032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2013-08-02 602944]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

-----------------EOF-----------------