Logfile of random's system information tool 1.10 (written by random/random)
Run by Rutges at 2014-06-30 14:20:00
Microsoft Windows 8
System drive C: has 259 GB (89%) free of 290 GB
Total RAM: 1935 MB (48% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf533b14e003d7.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6c378435aa45.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-04-11 513648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-02 363520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-30 14:09:53 ----D---- C:\Program Files (x86)\trend micro
2014-06-30 14:09:52 ----D---- C:\rsit
2014-06-17 08:29:32 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-06-17 08:29:26 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-06-17 08:29:26 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-06-17 08:29:22 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-06-17 08:29:08 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-06-17 08:29:07 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-06-17 08:29:05 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-06-17 08:29:04 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-06-17 08:29:03 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-06-17 08:29:01 ----A---- C:\Windows\SysWOW64\jscript.dll
2014-06-17 08:29:00 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-06-17 08:29:00 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2014-06-17 08:28:59 ----A---- C:\Windows\SysWOW64\UXInit.dll
2014-06-17 08:28:59 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-06-17 08:28:58 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-06-17 08:28:57 ----A---- C:\Windows\SysWOW64\uxtheme.dll
2014-06-17 08:28:57 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-06-17 08:28:57 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-06-17 08:28:38 ----A---- C:\Windows\SysWOW64\gdi32.dll
2014-06-17 08:28:19 ----A---- C:\Windows\SysWOW64\wusa.exe
2014-06-17 08:21:52 ----A---- C:\Windows\SysWOW64\msxml3.dll

======List of files/folders modified in the last 1 month======

2014-06-30 14:15:37 ----D---- C:\Windows\Prefetch
2014-06-30 14:14:35 ----A---- C:\Windows\SysWOW64\bscs.ini
2014-06-30 14:11:40 ----SD---- C:\ProgramData\Microsoft
2014-06-30 14:11:34 ----SD---- C:\Users\Rutges\AppData\Roaming\Microsoft
2014-06-30 14:11:32 ----A---- C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-06-30 14:11:30 ----A---- C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-06-30 14:10:40 ----D---- C:\Windows\System32
2014-06-30 14:10:40 ----D---- C:\Windows\Inf
2014-06-30 14:09:53 ----RD---- C:\Program Files (x86)
2014-06-30 14:06:39 ----D---- C:\Windows\Temp
2014-06-30 14:01:20 ----RD---- C:\Program Files
2014-06-30 13:59:16 ----D---- C:\Windows\Panther
2014-06-30 13:59:15 ----D---- C:\Windows\SoftwareDistribution
2014-06-30 13:59:15 ----D---- C:\Windows\Logs
2014-06-30 13:59:15 ----D---- C:\Windows\debug
2014-06-30 13:59:15 ----D---- C:\Windows
2014-06-30 09:44:36 ----A---- C:\Windows\SysWOW64\REMOTEDEVICE.INI
2014-06-30 09:40:04 ----D---- C:\Windows\rescache
2014-06-30 09:33:27 ----D---- C:\Windows\Microsoft.NET
2014-06-30 09:30:12 ----SHD---- C:\System Volume Information
2014-06-30 08:44:25 ----D---- C:\Program Files (x86)\Re-markit
2014-06-30 08:41:12 ----A---- C:\Windows\SysWOW64\log.txt
2014-06-30 08:39:20 ----D---- C:\Windows\WinSxS
2014-06-30 08:39:16 ----D---- C:\Windows\SysWOW64
2014-06-30 08:37:20 ----D---- C:\Windows\SysWOW64\nl-NL
2014-06-30 08:37:18 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-19 00:06:25 ----D---- C:\Windows\CbsTemp
2014-06-17 08:31:58 ----RSD---- C:\Windows\assembly
2014-06-13 00:47:41 ----D---- C:\Windows\AUInstallAgent
2014-06-03 23:35:15 ----RD---- C:\Windows\ToastData
2014-06-03 23:35:10 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-31 07:16:07 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R3 BtAudioBusSrv;@oem13.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\Windows\system32\DRIVERS\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 MEIx64;@oem25.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys []
R3 netr28x;@oem31.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
R3 rtbth;@oem30.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\Windows\System32\drivers\rtbth.sys []
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys []
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys []
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys []
R3 WirelessButtonDriver;@oem19.inf,%ServiceDesc%;HP Wireless Button Driver Service; C:\Windows\System32\drivers\WirelessButtonDriver64.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys []
S3 RSP2STOR;@oem4.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2012-09-20 23040]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-02 1544192]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-16 2266296]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2013-10-07 1025584]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]
R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-04-11 705136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-07-10 138752]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08 116648]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2013-10-07 42048]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2013-10-07 191368]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-27 43616]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-06-01 150600]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2012-09-20 23040]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys []
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys []
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys []

-----------------EOF-----------------