Logfile of random's system information tool 1.10 (written by random/random) Run by ron_b_000 at 2014-10-14 13:55:52 Microsoft Windows 8.1 System drive C: has 410 GB (90%) free of 458 GB Total RAM: 3978 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:55:55, on 14-10-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17278) Boot mode: Normal Running processes: C:\Windows\syswow64\wwahost.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe C:\Program Files\trend micro\ron_b_000.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON O4 - HKCU\..\Run: [AcerCloud] "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0814tb] "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe" /PROMPT /CMPID=0814tb O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11937 bytes ======Listing Processes====== c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=8ed1130e-5cad-4f1d-8874-483ca5407f7f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\5f8e6d59-0810-4458-a209-2b6bf2a6a071-204-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\" wininit.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" "C:\Program Files\Elantech\ETDService.exe" dashost.exe {0065bdca-a8d5-4858-b203c17fe559df20} "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" "C:\Windows\system32\mfevtps.exe" "C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" "C:\Users\ron_b_000\AppData\Local\AOP SDK\acer infra\acer\SyncAgent" S-1-5-21-2827984364-831699823-299608674-1001 404 586 "C:\ProgramData\acer\CCD" \??\C:\Windows\system32\conhost.exe 0x4 "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe 0x4 "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" "C:\Program Files\Acer\Acer Quick Access\RMSvc.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1194d59c-05b5-48cd-8c63-aca4149cfaa2 -SystemEventPortName:HostProcess-9ea4a58a-e0d1-4b00-9228-f531db0a0fa5 -IoCancelEventPortName:HostProcess-19d37b03-8671-4f29-b527-59cff5f2c84c -NonStateChangingEventPortName:HostProcess-0e4044f0-6907-46e3-924e-a94691a207d2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8b02d296-4c4b-4b35-a8d0-4ee86b94b633 -DeviceGroupId:WpdFsGroup C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" taskeng.exe {A50DE975-00ED-4860-B3CF-8D3545B8CA8D} "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe" --RELAUNCH=1 --CMPID=0814tb C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=78a5c36c-b3ed-4042-9a2e-c94da262b176 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\a38c894f-be16-440b-a2fb-b7221ac44876-c30-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" C:\Windows\System32\WinLogon.exe -SpecialSession -hiberboot "C:\Program Files\Elantech\ETDCtrl.exe" taskhostex.exe "C:\Program Files\Elantech\ETDTouch.exe" "C:\Program Files\Elantech\ETDCtrlHelper.exe" C:\Windows\Explorer.EXE "C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe" C:\Windows\System32\skydrive.exe -Embedding "C:\Program Files\Acer\Acer Launch Manager\LMTray.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Windows\syswow64\wwahost.exe" -ServerName:App.wwa C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe" "C:\Windows\system32\igfxsrvc.exe" -Embedding "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe" /PROMPT /CMPID=0814tb "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" "C:\Program Files\Acer\Acer Power Management\ePowerTray.exe" ctfmon.exe "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files\Acer\Acer Quick Access\QAMsg.exe" "C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe" -hide "C:\Program Files\Acer\Acer Quick Access\QAEvent.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac "C:\Windows\system32\igfxext.exe" -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Windows Live\Mail\wlmail.exe" "C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=8752.13ef5be0.235656249 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 8752 "\\.\pipe\gecko-crash-server-pipe.8752" plugin "C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe" --proxy-stub-channel=Flash9904.658E3FA8.26392 --host-broker-channel=Flash9904.658E3FA8.26713 --host-pid=9904 --host-npapi-version=27 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_15_0_0_152.dll" "C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe" --channel=5224.0082F664.426021195 --proxy-stub-channel=Flash9904.658E3FA8.26392 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_15_0_0_152.dll" --host-npapi-version=27 --type=renderer C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv "C:\Users\ron_b_000\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AVG-Secure-Search-Update_0814tb_rel.job - C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe --RELAUNCH=1 --CMPID=0814tb C:\Windows\tasks\AVG-Secure-Search-Update_0814tb_rmv.job - C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe --CMPID=0814tb --uninstall=1 C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler =========Mozilla firefox========= ProfilePath - C:\Users\ron_b_000\AppData\Roaming\Mozilla\Firefox\Profiles\kuxesb68.default prefs.js - "browser.startup.homepage" - "http://www.msn.com/nl-nl" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.152 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] "Description"=Intel IPT WebApi plugin "Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] "Description"=This plugin updates Intel WebAPI component "Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.152 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll C:\Users\ron_b_000\AppData\Roaming\Mozilla\Firefox\Profiles\kuxesb68.default\searchplugins\ myOnlineSearch.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-14 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-14 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-14 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-14 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-08 391152] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-08 771056] "Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-08 769520] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-10-02 2890056] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-12-24 133760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Pokki"=C:\Users\ron_b_000\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2014-08-30 6403912] "AcerCloud"=C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-06-30 2524416] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-04-14 39408] "AVG-Secure-Search-Update_0814tb"=C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe [2014-08-28 2782744] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-25 2640408] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112] "BacKGround Agent"=C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2014-09-22 62208] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-12-24 133760] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2013-10-01 623616] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "midi2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-10-14 13:55:53 ----D---- C:\Program Files\trend micro 2014-10-14 13:55:52 ----D---- C:\rsit 2014-10-14 00:57:46 ----SHD---- C:\Config.Msi 2014-10-12 23:24:42 ----D---- C:\Windows\LastGood 2014-10-12 22:52:12 ----D---- C:\AdwCleaner 2014-10-10 23:25:29 ----D---- C:\Windows\LastGood.Tmp 2014-10-10 21:26:32 ----A---- C:\autoexec.bat 2014-10-10 21:25:49 ----D---- C:\Program Files\Enigma Software Group 2014-10-10 21:24:25 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-10-09 22:40:59 ----D---- C:\Users\ron_b_000\AppData\Roaming\WildTangent 2014-10-09 22:10:22 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-10-09 22:09:58 ----D---- C:\ProgramData\Malwarebytes 2014-10-09 22:09:58 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-10-09 22:09:58 ----A---- C:\Windows\system32\drivers\mwac.sys 2014-10-09 22:09:58 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2014-10-09 22:09:58 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-10-04 15:37:47 ----D---- C:\Windows\SoftwareDistribution 2014-09-24 22:31:02 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-09-19 23:17:46 ----D---- C:\Users\ron_b_000\AppData\Roaming\337Games 2014-09-19 23:17:29 ----D---- C:\Users\ron_b_000\AppData\Roaming\MailUpdate 2014-09-19 23:17:29 ----D---- C:\ProgramData\MailUpdate ======List of files/folders modified in the last 1 month====== 2014-10-14 13:55:55 ----D---- C:\Windows\Prefetch 2014-10-14 13:55:53 ----RD---- C:\Program Files 2014-10-14 13:55:13 ----D---- C:\Windows\Temp 2014-10-14 13:47:13 ----D---- C:\Windows\Microsoft.NET 2014-10-14 13:00:02 ----D---- C:\Windows\system32\sru 2014-10-14 12:50:52 ----D---- C:\ProgramData\MFAData 2014-10-14 00:58:16 ----SHD---- C:\Windows\Installer 2014-10-14 00:58:16 ----SD---- C:\Users\ron_b_000\AppData\Roaming\Microsoft 2014-10-14 00:57:56 ----D---- C:\Windows\system32\Tasks 2014-10-14 00:56:35 ----D---- C:\Windows\system32\drivers 2014-10-14 00:38:00 ----D---- C:\ProgramData\AVG2014 2014-10-13 21:18:48 ----SHD---- C:\System Volume Information 2014-10-13 20:36:17 ----D---- C:\Windows\system32\NDF 2014-10-13 20:08:31 ----D---- C:\Windows 2014-10-13 16:38:02 ----D---- C:\Windows\Inf 2014-10-12 23:40:36 ----D---- C:\Windows\system32\config 2014-10-12 23:29:26 ----RD---- C:\Windows\System32 2014-10-12 23:29:26 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-10-12 23:24:43 ----D---- C:\Windows\SYSWOW64\RTCOM 2014-10-10 21:24:24 ----D---- C:\Program Files (x86)\Common Files 2014-10-10 20:39:17 ----D---- C:\Windows\AppReadiness 2014-10-10 20:39:16 ----HD---- C:\Program Files\WindowsApps 2014-10-10 00:13:57 ----D---- C:\Windows\debug 2014-10-09 23:04:51 ----HD---- C:\ProgramData 2014-10-09 23:04:25 ----D---- C:\Windows\SKB 2014-10-09 23:02:16 ----D---- C:\Program Files (x86) 2014-10-09 22:41:42 ----D---- C:\Program Files (x86)\WildTangent Games 2014-10-09 22:41:03 ----D---- C:\ProgramData\WildTangent 2014-10-09 22:36:07 ----D---- C:\Windows\Tasks 2014-10-09 09:25:40 ----D---- C:\Users\ron_b_000\AppData\Roaming\Atheros 2014-10-06 01:29:54 ----D---- C:\Program Files\CCleaner 2014-10-05 02:08:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-30 20:24:53 ----D---- C:\Users\ron_b_000\AppData\Roaming\vlc 2014-09-30 14:05:38 ----D---- C:\Program Files (x86)\Acer 2014-09-30 14:05:19 ----RSD---- C:\Windows\assembly 2014-09-25 11:26:57 ----D---- C:\Windows\rescache 2014-09-24 13:24:58 ----D---- C:\Windows\system32\DriverStore 2014-09-24 11:13:05 ----D---- C:\Windows\WinSxS 2014-09-24 10:39:52 ----D---- C:\Windows\system32\catroot2 2014-09-24 10:27:27 ----D---- C:\Windows\CbsTemp 2014-09-24 10:26:54 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-09-24 10:26:54 ----D---- C:\Windows\SYSWOW64\en-US 2014-09-24 10:26:54 ----D---- C:\Windows\system32\nl-NL 2014-09-24 10:26:54 ----D---- C:\Windows\system32\en-US 2014-09-23 22:04:11 ----RD---- C:\Windows\ToastData 2014-09-23 22:04:11 ----D---- C:\Windows\SysWOW64 2014-09-23 22:03:59 ----D---- C:\Program Files\Windows Journal 2014-09-23 22:03:58 ----D---- C:\Windows\WinStore 2014-09-23 22:03:57 ----D---- C:\Windows\SYSWOW64\wbem 2014-09-23 22:03:57 ----D---- C:\Windows\SYSWOW64\setup 2014-09-23 22:03:39 ----RD---- C:\Windows\ImmersiveControlPanel 2014-09-23 22:03:39 ----D---- C:\Windows\system32\drivers\nl-NL 2014-09-23 22:03:39 ----D---- C:\Windows\system32\drivers\en-US 2014-09-23 22:03:36 ----D---- C:\Windows\system32\wbem 2014-09-23 22:03:36 ----D---- C:\Windows\system32\Boot 2014-09-23 22:03:35 ----D---- C:\Windows\system32\setup 2014-09-23 22:03:35 ----D---- C:\Windows\system32\oobe 2014-09-23 22:03:07 ----RSD---- C:\Windows\Fonts 2014-09-23 22:03:05 ----D---- C:\Windows\apppatch 2014-09-23 22:03:04 ----D---- C:\Windows\SYSWOW64\migration 2014-09-23 22:03:04 ----D---- C:\Windows\SYSWOW64\InputMethod 2014-09-23 22:03:01 ----D---- C:\Windows\system32\migration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512] R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-08 644968] R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-03-17 783864] R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-03-17 345456] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-15 50976] R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-06-30 270104] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680] R3 AthBTPort;@oem9.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-12-24 89800] R3 athr;@oem5.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-12-12 3881472] R3 BTATH_A2DP;@oem8.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-12-24 338120] R3 btath_avdt;@oem8.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-12-24 116424] R3 BTATH_BUS;@oem6.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-12-24 34384] R3 BTATH_HCRP;@oem11.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-12-24 179432] R3 BTATH_LWFLT;@oem13.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464] R3 BTATH_RCP;@oem15.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-12-24 137928] R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-12-24 597192] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920] R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] R3 ETD;@oem18.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-10-02 370504] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 4185600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528] R3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-10-01 449528] R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-09-26 27032] R3 L1C;@oem14.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-06-25 129256] R3 LMDriver;@oem20.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360] R3 MEIx64;@oem16.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-03-17 311600] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-03-17 522360] R3 RadioShim;@oem20.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224] R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912] S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496] S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-03-17 69344] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640] S3 ccSet_NARA;NARA Settings Manager; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [2013-07-30 150104] S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-03-17 70592] S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-09-26 39320] S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-03-17 180272] S3 nmwcd;@oem22.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968] S3 nmwcdc;@oem26.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136] S3 RSPCIESTOR;@oem12.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-08-30 356056] S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088] S3 usbser;@oem24.inf,%MFG% %SVC%;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216] S4 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-12-24 318592] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328] R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2014-09-22 3097856] R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-02 101192] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616] R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-08-03 457768] R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-03-17 219752] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-03-17 185792] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648] R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-15 1820184] R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-07-06 663592] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752] R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2013-08-03 457768] R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2013-08-03 448040] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 267440] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-08 279024] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14 116648] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-14 194032] S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288] S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-08-02 4278112] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF-----------------