Logfile of random's system information tool 1.10 (written by random/random)
Run by dan-n_000 at 2014-10-28 09:34:05
Microsoft Windows 8.1
System drive C: has 53 GB (66%) free of 80 GB
Total RAM: 3447 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:34:19, on 28/10/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\skydrive.exe
C:\Windows\System32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x86__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\wwahost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\dan-n_000\Downloads\RSIT.exe
C:\Program Files\trend micro\dan-n_000.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/webhp?sourceid=navclient&hl=nl&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Helperobject voor Encarta Winkler Prins Webassistent - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Encarta Winkler Prins Webassistent - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [genesis] "c:\users\dan-n_000\appdata\local\genesis\genesis.exe" /r
O4 - HKCU\..\Run: [E06NXLRD_1368187] "C:\Program Files\Microsoft Encarta\Encarta Winkler Prins Naslagbibliotheek 2006 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: PHOTOfunSTUDIO 6.0.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files\AOMEI Backupper Standard Edition 2.0\ABService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 6725 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files\PC Speed Up\PCSUSD.exe /dev0 /idle

=========Mozilla firefox=========

ProfilePath - C:\Users\dan-n_000\AppData\Roaming\Mozilla\Firefox\Profiles\ycti9n8c.default

prefs.js - "browser.search.useDBForOrder" - "false"

"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
belgiumeid@eid.belgium.be

C:\Users\dan-n_000\AppData\Roaming\Mozilla\Firefox\Profiles\ycti9n8c.default\extensions\
{121761af-0fa5-4896-a2a8-cfdbac4e4982}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{955BE0B8-BC85-4CAF-856E-8E0D8B610560}]
Helperobject voor Encarta Winkler Prins Webassistent - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL [2005-06-04 228048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-11 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-11 194504]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
{147D6308-0614-4112-89B1-31402F9B82C4} - Encarta Winkler Prins Webassistent - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL [2005-06-04 228048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2014-03-25 2534400]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"NWEReboot"= []
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
""= []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-07-02 12021464]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"genesis"=c:\users\dan-n_000\appdata\local\genesis\genesis.exe [2014-04-11 2527232]
"E06NXLRD_1368187"=C:\Program Files\Microsoft Encarta\Encarta Winkler Prins Naslagbibliotheek 2006 DVD\EDICT.EXE [2005-06-04 301776]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2005-09-03 94208]
"Spybot-S&D Cleaning"=C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2013-09-20 3666224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-10-23 4825880]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
PHOTOfunSTUDIO 6.0.lnk - C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=L3CODECA.ACM
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe" "%1"

======List of files/folders created in the last 1 month======

2014-10-28 08:57:58 ----D---- C:\rsit
2014-10-28 08:57:58 ----D---- C:\Program Files\trend micro
2014-10-27 16:10:34 ----D---- C:\Program Files\Speccy
2014-10-24 14:55:17 ----D---- C:\ProgramData\Apple Computer
2014-10-24 14:55:17 ----D---- C:\Program Files\QuickTime
2014-10-21 14:47:09 ----D---- C:\Users\dan-n_000\AppData\Roaming\Oracle
2014-10-21 14:45:43 ----D---- C:\Program Files\Common Files\Java
2014-10-21 14:45:37 ----A---- C:\Windows\system32\javaws.exe
2014-10-21 14:45:30 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 14:45:30 ----A---- C:\Windows\system32\javaw.exe
2014-10-21 14:45:30 ----A---- C:\Windows\system32\java.exe
2014-10-21 14:45:10 ----D---- C:\Program Files\Java
2014-10-19 09:03:46 ----D---- C:\ProgramData\AskPartnerNetwork
2014-10-19 09:03:46 ----D---- C:\Program Files\AskPartnerNetwork
2014-10-19 09:02:04 ----D---- C:\ProgramData\APN
2014-10-19 08:55:57 ----D---- C:\Users\dan-n_000\AppData\Roaming\WebExtend
2014-10-18 09:30:28 ----A---- C:\Windows\system32\packager.dll
2014-10-18 09:30:18 ----A---- C:\Windows\system32\mshtml.dll
2014-10-18 09:29:37 ----A---- C:\Windows\system32\jscript9.dll
2014-10-18 09:29:34 ----A---- C:\Windows\system32\ieframe.dll
2014-10-18 09:29:31 ----A---- C:\Windows\system32\wininet.dll
2014-10-18 09:29:31 ----A---- C:\Windows\system32\iertutil.dll
2014-10-18 09:29:30 ----A---- C:\Windows\system32\urlmon.dll
2014-10-18 09:29:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-18 09:29:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-18 09:29:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-18 09:29:28 ----A---- C:\Windows\system32\vbscript.dll
2014-10-18 09:29:28 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-18 09:29:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-18 09:29:28 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-18 09:29:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-18 09:25:13 ----A---- C:\Windows\system32\generaltel.dll
2014-10-18 09:25:12 ----A---- C:\Windows\system32\aepdu.dll
2014-10-18 09:25:10 ----A---- C:\Windows\system32\aeinv.dll
2014-10-18 09:24:46 ----A---- C:\Windows\system32\rastls.dll
2014-10-18 09:24:27 ----A---- C:\Windows\system32\msi.dll
2014-10-18 09:24:15 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-18 09:24:14 ----A---- C:\Windows\system32\wucltux.dll
2014-10-18 09:24:14 ----A---- C:\Windows\system32\wuapi.dll
2014-10-18 09:24:13 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-18 09:24:13 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-18 09:24:13 ----A---- C:\Windows\system32\wudriver.dll
2014-10-18 09:24:13 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-18 09:24:13 ----A---- C:\Windows\system32\wuapp.exe
2014-10-18 09:23:46 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-18 09:23:41 ----A---- C:\Windows\system32\winbici.dll
2014-10-18 09:23:19 ----A---- C:\Windows\system32\win32k.sys
2014-10-13 08:13:54 ----D---- C:\Users\dan-n_000\AppData\Roaming\ClassicShell
2014-10-13 08:09:38 ----D---- C:\ProgramData\ClassicShell
2014-10-09 16:13:29 ----A---- C:\Windows\system32\shell32.dll
2014-10-09 16:13:26 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-10-09 16:13:26 ----A---- C:\Windows\system32\mstscax.dll
2014-10-09 16:13:25 ----A---- C:\Windows\system32\SyncEngine.dll
2014-10-09 16:13:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-09 16:13:23 ----A---- C:\Windows\system32\SearchFolder.dll
2014-10-09 16:13:23 ----A---- C:\Windows\system32\ntdll.dll
2014-10-09 16:13:23 ----A---- C:\Windows\system32\KernelBase.dll
2014-10-09 16:13:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-10-09 16:13:22 ----A---- C:\Windows\system32\WSShared.dll
2014-10-09 16:13:22 ----A---- C:\Windows\system32\Wldap32.dll
2014-10-09 16:13:22 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-09 16:13:22 ----A---- C:\Windows\system32\propsys.dll
2014-10-09 16:13:21 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-10-09 16:13:21 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-10-09 16:13:21 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-09 16:13:21 ----A---- C:\Windows\system32\bisrv.dll
2014-10-09 16:13:20 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-09 16:13:20 ----A---- C:\Windows\system32\SkyDrive.exe
2014-10-09 16:13:20 ----A---- C:\Windows\system32\ProximityService.dll
2014-10-09 16:13:20 ----A---- C:\Windows\system32\httpprxm.dll
2014-10-09 16:13:20 ----A---- C:\Windows\system32\adhsvc.dll
2014-10-09 16:13:19 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-09 16:13:11 ----A---- C:\Windows\system32\authui.dll
2014-10-09 16:13:10 ----A---- C:\Windows\system32\appinfo.dll

======List of files/folders modified in the last 1 month======

2014-10-28 09:33:00 ----D---- C:\Windows\Prefetch
2014-10-28 09:30:57 ----D---- C:\Windows\Temp
2014-10-28 09:00:00 ----D---- C:\Windows\system32\sru
2014-10-28 08:58:18 ----D---- C:\Windows\system32\config
2014-10-28 08:57:58 ----RD---- C:\Program Files
2014-10-28 08:54:35 ----SHD---- C:\System Volume Information
2014-10-28 08:52:26 ----D---- C:\Windows\CbsTemp
2014-10-28 08:52:21 ----D---- C:\Windows\WinSxS
2014-10-27 16:10:53 ----D---- C:\Windows\inf
2014-10-27 16:09:26 ----RD---- C:\Windows\System32
2014-10-27 16:09:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-27 11:34:59 ----D---- C:\Windows
2014-10-27 10:48:57 ----D---- C:\Windows\Microsoft.NET
2014-10-27 10:42:11 ----D---- C:\Windows\system32\DriverStore
2014-10-27 10:39:30 ----RSD---- C:\Windows\assembly
2014-10-27 10:21:51 ----D---- C:\Windows\system32\catroot2
2014-10-27 10:12:31 ----D---- C:\Windows\AppReadiness
2014-10-27 10:12:24 ----HD---- C:\Program Files\WindowsApps
2014-10-26 16:59:35 ----D---- C:\Program Files\AOMEI Backupper Standard Edition 2.0
2014-10-24 15:44:21 ----D---- C:\Program Files\CCleaner
2014-10-24 14:56:33 ----SHD---- C:\Windows\Installer
2014-10-24 14:55:17 ----HD---- C:\ProgramData
2014-10-24 08:27:11 ----D---- C:\Windows\rescache
2014-10-24 08:08:39 ----D---- C:\Windows\system32\catroot
2014-10-23 10:51:26 ----D---- C:\Windows\system32\nl-NL
2014-10-23 10:51:26 ----D---- C:\Program Files\Internet Explorer
2014-10-23 10:51:24 ----D---- C:\Windows\MediaViewer
2014-10-23 10:51:24 ----D---- C:\Windows\FileManager
2014-10-23 10:51:24 ----D---- C:\Windows\Camera
2014-10-23 09:40:13 ----SD---- C:\Windows\system32\CompatTel
2014-10-23 09:38:49 ----D---- C:\Windows\system32\MRT
2014-10-23 09:28:04 ----D---- C:\Windows\debug
2014-10-23 09:27:55 ----A---- C:\Windows\system32\MRT.exe
2014-10-22 15:53:43 ----D---- C:\Windows\SoftwareDistribution
2014-10-22 14:09:22 ----D---- C:\Windows\system32\Drivers
2014-10-22 13:51:59 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-21 14:45:52 ----D---- C:\ProgramData\Oracle
2014-10-21 14:45:43 ----D---- C:\Program Files\Common Files
2014-10-21 10:39:01 ----D---- C:\Windows\system32\wbem
2014-10-21 10:37:49 ----D---- C:\Windows\Tasks
2014-10-21 10:37:49 ----D---- C:\Windows\system32\Tasks
2014-10-21 10:37:48 ----D---- C:\Users\dan-n_000\AppData\Roaming\Advanced System Protector
2014-10-21 10:32:51 ----D---- C:\Windows\registration
2014-10-21 10:32:44 ----D---- C:\Users
2014-10-21 10:32:41 ----SD---- C:\Users\dan-n_000\AppData\Roaming\Microsoft
2014-10-21 10:23:35 ----D---- C:\Users\dan-n_000\AppData\Roaming\systweak
2014-10-13 13:57:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-09 16:18:44 ----RD---- C:\Windows\ToastData
2014-10-09 16:18:41 ----D---- C:\Windows\WinStore
2014-10-04 15:37:39 ----D---- C:\Program Files\AOMEI Partition Assistant Standard Edition 5.5
2014-10-04 13:59:16 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-10-04 13:56:32 ----D---- C:\Windows\InputMethod
2014-10-04 13:55:30 ----D---- C:\Program Files\IObit Apps Toolbar
2014-09-29 23:45:58 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 26424]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 138584]
R1 MpKslb7db1fe9;MpKslb7db1fe9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46ABEB91-A183-4244-B9E7-935FF4390926}\MpKslb7db1fe9.sys []
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 129720]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 14392]
R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 Atc002;@netl260x.inf,%Atc002.Service.DispName%;NDIS-minipoortstuurprogramma voor L2 Fast Ethernet-controller van Atheros; C:\Windows\system32\DRIVERS\l260x86.sys [2013-06-18 29184]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-03-23 4815872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-07-02 3086040]
R3 MTsensor;@oem3.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 37888]
R3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;UMDF-reflectorservice voor LocationProvider; C:\Windows\System32\drivers\WUDFRd.sys [2014-05-31 188416]
R3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 188416]
S1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys []
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2013-11-29 14448]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2014-04-19 23456]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 WinUsb;@wudfusbcciddriver.inf,%WinUsb_Service_DisplayName%;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.sys [2013-08-22 64000]
S4 InCDFs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files\AOMEI Backupper Standard Edition 2.0\ABService.exe [2014-04-08 29912]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-11 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-22 267440]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-11 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-11 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-15 3921880]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-09-20 1042272]
S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-09-13 171416]

-----------------EOF-----------------