Logfile of random's system information tool 1.10 (written by random/random) Run by E1-571G at 2014-07-22 00:22:16 Microsoft Windows 8.1 System drive C: has 497 GB (72%) free of 695 GB Total RAM: 3911 MB (27% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:22:25, on 22/07/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Users\E1-571G\AppData\Local\Akamai\netsession_win.exe C:\Users\E1-571G\AppData\Local\Akamai\netsession_win.exe C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\E1-571G\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\E1-571G\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\E1-571G.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files (x86)\DIALux\DLXShellExtension.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - 
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [BakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\E1-571G\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\E1-571G\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Spotify] "C:\Users\E1-571G\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: Dropbox.lnk = E1-571G\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - 
C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe O23 - Service: DIAL Communication Service (DialComService) - DIAL GmbH - C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. 
- C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. 
- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe O23 - Service: mental ray Satellite for Autodesk 3ds Max 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. 
- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 
- Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14075 bytes ======Listing Processes====== wininit.exe winlogon.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS "dwm.exe" "C:\WINDOWS\system32\nvvsvc.exe" "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\WINDOWS\system32\nvvsvc.exe -session -first C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" taskhostex.exe C:\WINDOWS\Explorer.EXE "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service "C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe" dashost.exe {1cfd4156-44ad-4312-87e2d3d7f15fc6d0} "C:\Program Files (x86)\Launch Manager\dsiwmis.exe" "C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window "C:\Program Files (x86)\Launch Manager\LManager.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\Acer\Acer Power Management\ePowerTray.exe" "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" 
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe" "C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe" C:\WINDOWS\SysWOW64\PnkBstrA.exe C:\WINDOWS\SysWOW64\PnkBstrB.exe C:\Windows\RfBtnSvc64.exe "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\WINDOWS\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s C:\WINDOWS\system32\wbem\wmiprvse.exe "C:\WINDOWS\system32\igfxext.exe" -Embedding C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding "C:\WINDOWS\system32\igfxsrvc.exe" -Embedding "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding C:\WINDOWS\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe" C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files\Elantech\ETDCtrlHelper.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Users\E1-571G\AppData\Local\Akamai\netsession_win.exe" "C:/Users/E1-571G/AppData/Local/Akamai/netsession_win.exe" --client "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\E1-571G\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" "C:\Users\E1-571G\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h "C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S2].txt "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true "C:\Program Files 
(x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan" "C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe" "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4320.0.390116095\1219757177" /prefetch:673131151 "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4320.1.535199890\1801902709" /prefetch:673131151 "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4320.2.1607835331\1079867647" /prefetch:673131151 "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4320.3.206956499\952864474" /prefetch:673131151 "C:\Program Files\EgisTec IPS\PMMUpdate.exe" taskhost.exe $(Arg0) "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4320.4.654228761\511019042" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3316 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" "C:\Program Files\EgisTec IPS\EgisUpdate.exe" "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe" C:\WINDOWS\explorer.exe 
/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /PhotoViewerComServer {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} -Embedding C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory=Default "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5980.0.1460582337\234735438" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3316 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/ML Kodachrome dev/EnhancedBookmarks/Default/ExtensionInstallVerification/None/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-pinch --enable-threaded-compositing 
--enable-delegated-renderer --enable-software-compositing --channel="5980.1.760686962\1403624808" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Disabled/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/ML Kodachrome dev/EnhancedBookmarks/Default/ExtensionInstallVerification/None/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5980.2.1216435046\160488155" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Disabled/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/ML Kodachrome 
dev/EnhancedBookmarks/Default/ExtensionInstallVerification/None/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5980.3.684009997\1382511801" /prefetch:673131151 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4896.0.1448974170\1547628569" /prefetch:3 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5980.8.449315493\691415581" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Disabled/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/ML Kodachrome 
dev/EnhancedBookmarks/Default/ExtensionInstallVerification/None/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5980.13.1028273477\1553315575" /prefetch:673131151 taskeng.exe {2A1F9B63-42C1-49B2-9F4F-67FABAD9B914} "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Disabled/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/ML Kodachrome 
dev/EnhancedBookmarks/Default/ExtensionInstallVerification/None/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5980.16.531908980\531479345" /prefetch:673131151 "C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Disabled/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/ML Kodachrome 
dev/EnhancedBookmarks/Default/ExtensionInstallVerification/None/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5980.17.574350886\1649131145" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="5980.18.1545003778\1383336314" --lang=nl /prefetch:845217598 "C:\Users\E1-571G\Downloads\RSITx64.exe" C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\msfeedssync.exe sync ======Scheduled tasks folder====== C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2658763709-3801376341-2561777823-1002Core.job - C:\Users\E1-571G\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2658763709-3801376341-2561777823-1002UA.job - C:\Users\E1-571G\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - 
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2}] DIALux 3.1 ULDBrowserHelper Class - C:\Program Files (x86)\DIALux\DLXShellExtension.dll [2013-03-08 532480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-04 391128] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-04 771032] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-04 769496] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-10 2864016] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184] "Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 415680] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"=C:\Users\E1-571G\AppData\Local\Akamai\netsession_win.exe [2012-10-09 4441920] 
"Spotify Web Helper"=C:\Users\E1-571G\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-07-15 1178168]
"Facebook Update"=C:\Users\E1-571G\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-16 138096]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-01-08 3093624]
"Spotify"=C:\Users\E1-571G\AppData\Roaming\Spotify\Spotify.exe [2014-07-15 6162488]
"AdobeBridge"= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-07-31 533056]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-03-18 2691480]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-06-23 3816272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\E1-571G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\E1-571G\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-04 623616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-07-22 00:22:16 ----D---- C:\rsit
2014-07-22 00:22:16 ----D---- C:\Program Files\trend micro
2014-07-20 22:38:51 ----D---- C:\FRST
2014-07-20 22:11:10 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-07-20 22:10:22 ----D---- C:\AdwCleaner
2014-07-09 10:21:01 ----SD---- C:\WINDOWS\system32\CompatTel
2014-07-09 06:57:24 ----A---- C:\WINDOWS\system32\termsrv.dll
2014-07-09 02:06:16 ----A---- C:\WINDOWS\system32\win32k.sys
2014-07-09 02:06:15 ----A---- C:\WINDOWS\SYSWOW64\osk.exe
2014-07-09 02:06:15 ----A---- C:\WINDOWS\system32\osk.exe
2014-07-09 02:06:10 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-07-09 02:06:02 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-07-09 02:06:02 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-07-09 02:06:02 ----A---- C:\WINDOWS\system32\certcli.dll
2014-07-09 02:06:02 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-07-09 02:06:01 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-07-09 02:06:01 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-07-09 02:04:55 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-07-09 02:04:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-07-09 02:04:55 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 02:04:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-07-09 02:04:46 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-07-09 02:04:44 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-07-09 02:04:43 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-07-09 02:04:42 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-07-09 02:04:40 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-07-09 02:04:40 ----A---- C:\WINDOWS\system32\wininet.dll
2014-07-09 02:04:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-07-09 02:04:40 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-07-09 02:04:39 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 02:04:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-07-09 02:04:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 02:04:38 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 02:04:11 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-07-09 02:04:11 ----A---- C:\WINDOWS\system32\qedit.dll
2014-07-09 02:04:10 ----A---- C:\WINDOWS\system32\devinv.dll
2014-07-09 02:04:10 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-07-09 02:04:09 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-07-09 02:03:59 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-07-09 02:03:58 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-07-09 02:03:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-07-09 02:03:57 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 02:03:57 ----A---- C:\WINDOWS\system32\twinui.dll
2014-07-09 02:03:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 02:03:56 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-07-09 02:03:55 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-07-09 02:03:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-07-09 02:03:55 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-07-09 02:03:55 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 02:03:55 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 02:03:54 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-07-09 02:03:54 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-07-09 02:03:54 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-07-09 02:01:33 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-07-05 00:34:09 ----D---- C:\Users\E1-571G\AppData\Roaming\IrfanView
2014-07-05 00:34:08 ----D---- C:\Program Files (x86)\IrfanView
2014-07-03 22:55:43 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-07-03 22:54:47 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-07-03 22:54:47 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-07-03 22:54:46 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 22:28:25 ----D---- C:\ProgramData\Wideblue installer
2014-07-02 22:28:17 ----D---- C:\Program Files (x86)\GS Supporter
2014-07-02 22:27:56 ----D---- C:\ProgramData\3504f312baf63136
2014-07-02 22:27:28 ----D---- C:\ProgramData\InstallMate
2014-06-24 13:17:00 ----D---- C:\Program Files (x86)\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======
2014-07-22 00:22:22 ----D---- C:\WINDOWS\Prefetch
2014-07-22 00:22:16 ----RD---- C:\Program Files
2014-07-22 00:11:40 ----D---- C:\Users\E1-571G\AppData\Roaming\Skype
2014-07-22 00:03:51 ----D---- C:\Users\E1-571G\AppData\Roaming\Dropbox
2014-07-22 00:03:46 ----D---- C:\Users\E1-571G\AppData\Roaming\DropboxMaster
2014-07-22 00:02:02 ----D---- C:\WINDOWS\system32\sru
2014-07-21 23:58:19 ----D---- C:\WINDOWS\Temp
2014-07-21 23:55:55 ----D---- C:\Users\E1-571G\AppData\Roaming\Spotify
2014-07-21 23:52:19 ----D---- C:\WINDOWS\system32\catroot
2014-07-21 20:12:51 ----D---- C:\WINDOWS\rescache
2014-07-21 20:03:34 ----D---- C:\WINDOWS\Microsoft.NET
2014-07-21 19:52:38 ----D---- C:\Users\E1-571G\AppData\Roaming\vlc
2014-07-21 16:26:24 ----HD---- C:\Program Files\WindowsApps
2014-07-21 16:26:21 ----D---- C:\WINDOWS\AppReadiness
2014-07-21 16:15:38 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-07-20 22:38:59 ----D---- C:\Windows
2014-07-20 22:23:37 ----RD---- C:\Program Files (x86)
2014-07-20 22:23:36 ----HD---- C:\ProgramData
2014-07-20 22:11:10 ----D---- C:\WINDOWS\SysWOW64
2014-07-20 21:53:29 ----SHD---- C:\WINDOWS\Installer
2014-07-20 20:50:21 ----D---- C:\WINDOWS\system32\config
2014-07-20 20:02:05 ----D---- C:\WINDOWS\WinSxS
2014-07-20 09:36:09 ----D---- C:\WINDOWS\Inf
2014-07-18 00:18:48 ----D---- C:\WINDOWS\system32\catroot2
2014-07-17 23:16:42 ----D---- C:\WINDOWS\system32\drivers
2014-07-17 23:16:42 ----D---- C:\WINDOWS\FileManager
2014-07-17 22:35:02 ----D---- C:\WINDOWS\schemas
2014-07-16 10:17:52 ----RD---- C:\Program Files (x86)\Skype
2014-07-15 14:47:15 ----D---- C:\WINDOWS\Speech
2014-07-15 14:41:52 ----D---- C:\WINDOWS\Tasks
2014-07-15 14:41:52 ----D---- C:\WINDOWS\system32\Tasks
2014-07-09 10:21:03 ----RD---- C:\WINDOWS\System32
2014-07-09 10:21:03 ----D---- C:\Program Files\Internet Explorer
2014-07-09 10:21:03 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 10:21:01 ----RD---- C:\WINDOWS\ToastData
2014-07-09 10:21:01 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2014-07-09 10:21:01 ----D---- C:\WINDOWS\system32\nl-NL
2014-07-09 10:21:00 ----D---- C:\WINDOWS\WinStore
2014-07-09 07:00:51 ----D---- C:\WINDOWS\CbsTemp
2014-07-09 07:00:32 ----D---- C:\WINDOWS\system32\MRT
2014-07-09 06:58:18 ----A---- C:\WINDOWS\system32\MRT.exe
2014-07-09 06:56:50 ----D---- C:\ProgramData\Microsoft Help
2014-07-09 06:55:57 ----D---- C:\Program Files\Windows Journal
2014-07-09 06:50:02 ----SHD---- C:\System Volume Information
2014-07-04 13:38:46 ----D---- C:\WINDOWS\Logs
2014-07-04 00:51:12 ----RSD---- C:\WINDOWS\Media
2014-07-04 00:50:11 ----D---- C:\Users\E1-571G\AppData\Roaming\BitTorrent
2014-07-04 00:14:51 ----D---- C:\Program Files (x86)\Google
2014-07-04 00:14:47 ----D---- C:\WINDOWS\Camera
2014-07-03 22:55:06 ----D---- C:\Users\E1-571G\AppData\Roaming\Malwarebytes
2014-07-03 22:54:46 ----D---- C:\ProgramData\Malwarebytes
2014-07-02 22:27:55 ----HD---- C:\WINDOWS\system32\GroupPolicy
2014-07-02 22:27:55 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2014-07-02 22:27:54 ----RD---- C:\Users
2014-06-26 22:55:30 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-03 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-03 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-03 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R3 b57xdbd;@oem20.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-06-16 72280]
R3 b57xdmp;@oem20.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-06-16 21080]
R3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Stuurprogramma voor Broadcom 802.11 netwerkadapter; C:\WINDOWS\system32\DRIVERS\bcmwl63al.sys [2013-07-01 5170176]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-06-19 70744]
R3 ETD;@oem4.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-10 315280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-04 4185600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem16.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-08-08 342528]
R3 iwdbus;@oem27.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MEIx64;@oem21.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504]
R3 Ps2Kb2Hid;@oem5.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-08-26 26736]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\b57nd60a.sys [2013-06-18 425984]
S3 dot4;@oem7.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem7.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 intaud_WaveExtensible;@oem26.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-07-28 2415760]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-21 348784]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-06-23 2524496]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 377616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-09-15 86016]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-08-30 920864]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-02-03 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\syswow64\PnkBstrB.exe [2014-02-03 107832]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-08-26 93296]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-01 659600]
S2 e9f32388;GS Supporter; C:\WINDOWS\syswow64\rundll32.exe [2013-08-22 49664]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-04 279000]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-07-31 466064]
S3 DialComService;DIAL Communication Service; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2013-03-05 1863952]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-02-07 1471352]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-26 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-07-31 259136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------