Logfile of random's system information tool 1.10 (written by random/random)
Run by Kleine Fuhrer at 2014-11-20 07:10:45
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 26 GB (33%) free of 80 GB
Total RAM: 2302 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:11:03, on 20-11-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Kleine Fuhrer\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Kleine Fuhrer\AppData\Local\Google\Chrome SxS\Application\chrome.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\Kleine Fuhrer\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Kleine Fuhrer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1393363373&from=vtt&uid=395049983_397233_74417C9B&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {4DB74D06-491C-440D-305E-012400990F3E} - C:\Windows\system32\cattsrvut.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [WhatPulse] "D:\KF Bestanden Kroam\WhatPulse2\whatpulse.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [f.lux] "C:\Users\Kleine Fuhrer\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [feedreader.exe] "D:\KF Bestanden Kroam\FeedReader30\feedreader.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: Download met MiPony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://192.168.2.1
O15 - ESC Trusted IP range: http://192.168.2.1
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{327FAC99-AA92-404B-82F3-6DD656B37A0F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{327FAC99-AA92-404B-82F3-6DD656B37A0F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{327FAC99-AA92-404B-82F3-6DD656B37A0F}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Update service - Company - C:\Program Files\Popcorn Time\Updater.exe

--
End of file - 8058 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3569434992-788234770-3847869894-1000Core.job - C:\Users\Kleine Fuhrer\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3569434992-788234770-3847869894-1000UA.job - C:\Users\Kleine Fuhrer\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DB74D06-491C-440D-305E-012400990F3E}]
Groove GFS Browser Helper - C:\Windows\system32\cattsrvut.dll [2009-07-14 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-05 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-05 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-10-16 12021464]
"WhatPulse"=D:\KF Bestanden Kroam\WhatPulse2\whatpulse.exe []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-10-02 421888]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5088456]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2014-11-06 2197680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Kleine Fuhrer\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"feedreader.exe"=D:\KF Bestanden Kroam\FeedReader30\feedreader.exe [2009-03-29 2058240]
"iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-10-17 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Kleine Fuhrer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-05 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe /preload []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
C:\Users\Kleine Fuhrer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2013-08-15 257136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Kleine Fuhrer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-08-25 1245752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
c:\program files\real\realplayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Kleine Fuhrer\AppData\Roaming\uTorrent\uTorrent.exe [2014-11-15 1385808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kleine Fuhrer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\KLEINE~1\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-01-03 30714328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2013-03-30 233888]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"vidc.iv50"=ir50_32.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.dvsd"=pdvcodec.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-19 23:22:58 ----A---- C:\Windows\system32\nvspcap.dll
2014-11-19 23:22:58 ----A---- C:\Windows\system32\nvspbridge.dll
2014-11-19 23:21:51 ----A---- C:\Windows\system32\nvaudcap32v.dll
2014-11-19 23:21:51 ----A---- C:\Windows\system32\drivers\nvvad32v.sys
2014-11-19 22:45:15 ----D---- C:\ProgramData\ESET
2014-11-19 22:45:15 ----D---- C:\Program Files\ESET
2014-11-19 01:58:39 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 01:58:37 ----A---- C:\Windows\system32\kerberos.dll
2014-11-17 08:31:39 ----D---- C:\Program Files\QuickTime
2014-11-15 13:46:09 ----D---- C:\Program Files\VideoLAN
2014-11-14 20:09:08 ----D---- C:\ProgramData\AirportMania
2014-11-12 17:03:50 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 17:03:40 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 17:03:32 ----A---- C:\Windows\system32\msi.dll
2014-11-12 17:03:03 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 17:03:03 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 17:03:00 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 17:03:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 17:02:59 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 17:02:59 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 17:02:59 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 17:02:57 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 17:02:49 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 17:02:48 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 17:02:47 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 17:02:47 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 17:02:47 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 17:02:46 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 17:02:08 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 17:02:07 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 17:02:05 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 17:02:04 ----A---- C:\Windows\system32\packager.dll
2014-11-12 17:01:54 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 17:01:54 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 17:01:53 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 17:01:53 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 17:01:52 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 17:01:18 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:01:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 17:01:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 17:01:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 17:01:16 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 17:01:16 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 17:01:15 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 17:01:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 17:01:14 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 17:01:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 17:01:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 17:01:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 17:01:13 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 17:01:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 17:01:09 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 17:01:09 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 17:01:07 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 17:01:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 17:01:05 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 17:01:04 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 17:01:03 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 17:01:02 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 17:01:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 17:01:00 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 17:00:59 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 17:00:57 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 17:00:55 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 17:00:54 ----A---- C:\Windows\system32\jscript9.dll
2014-11-11 16:11:18 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\Big Top Games
2014-11-09 18:58:52 ----A---- C:\Windows\ResortingToDanger.INI
2014-11-05 20:24:10 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\VS Revo Group
2014-11-05 06:07:16 ----D---- C:\Program Files\Common Files\Java
2014-11-05 06:07:04 ----A---- C:\Windows\system32\javaws.exe
2014-11-05 06:06:50 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-11-05 06:06:50 ----A---- C:\Windows\system32\javaw.exe
2014-11-05 06:06:50 ----A---- C:\Windows\system32\java.exe
2014-11-05 02:31:32 ----D---- C:\ProgramData\quickpick
2014-11-05 02:31:03 ----D---- C:\ProgramData\cheapncheap
2014-11-04 18:15:46 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\HdO Adventure
2014-11-03 10:50:22 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\BigFish
2014-11-03 10:50:22 ----D---- C:\ProgramData\BigFish
2014-11-02 23:31:32 ----D---- C:\ProgramData\Rare Treasures - Dinnerware Trading Company
2014-10-30 11:09:24 ----D---- C:\Program Files\VideoCnv
2014-10-30 07:20:23 ----D---- C:\Program Files\trend micro
2014-10-30 07:20:22 ----D---- C:\rsit
2014-10-28 21:24:20 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\Feedreader
2014-10-26 21:11:44 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
2014-10-26 11:37:01 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\Silverback Productions
2014-10-26 09:14:45 ----D---- C:\Program Files\Splashtop
2014-10-23 23:04:58 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\World-Loom
2014-10-22 14:39:45 ----A---- C:\Windows\Lexstat.ini
2014-10-22 14:35:04 ----D---- C:\drivers
2014-10-22 06:33:13 ----D---- C:\ProgramData\rionix

======List of files/folders modified in the last 1 month======

2014-11-20 07:10:58 ----D---- C:\Windows\Prefetch
2014-11-20 07:10:48 ----D---- C:\Windows\Temp
2014-11-20 06:44:19 ----D---- C:\Windows\system32\config
2014-11-20 06:39:05 ----SHD---- C:\System Volume Information
2014-11-19 23:59:39 ----D---- C:\Windows\System32
2014-11-19 23:25:02 ----D---- C:\Windows\system32\DriverStore
2014-11-19 23:24:53 ----D---- C:\Windows\inf
2014-11-19 23:24:45 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-19 23:22:48 ----D---- C:\ProgramData\NVIDIA Corporation
2014-11-19 23:22:14 ----D---- C:\Windows\system32\drivers
2014-11-19 22:55:47 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\uTorrent
2014-11-19 22:46:30 ----SHD---- C:\Windows\Installer
2014-11-19 22:46:27 ----SHD---- C:\Config.Msi
2014-11-19 22:45:15 ----RD---- C:\Program Files
2014-11-19 22:45:15 ----HD---- C:\ProgramData
2014-11-19 21:47:43 ----D---- C:\Windows\Dreampath - The Two Kingdoms Collectors Edition
2014-11-19 21:05:01 ----AD---- C:\ProgramData\TEMP
2014-11-19 16:53:27 ----D---- C:\Windows\winsxs
2014-11-17 09:39:22 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\vlc
2014-11-16 09:57:21 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-14 14:35:49 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\Mad Head Games
2014-11-14 11:51:54 ----D---- C:\Windows\rescache
2014-11-13 02:42:07 ----D---- C:\Windows\Microsoft.NET
2014-11-13 02:41:15 ----RSD---- C:\Windows\assembly
2014-11-13 00:48:25 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 00:48:25 ----D---- C:\Windows\system32\tr-TR
2014-11-13 00:48:25 ----D---- C:\Windows\system32\nl-NL
2014-11-13 00:48:25 ----D---- C:\Windows\system32\en-US
2014-11-13 00:48:24 ----D---- C:\Program Files\Internet Explorer
2014-11-12 18:36:01 ----D---- C:\Windows\system32\MRT
2014-11-12 18:21:33 ----D---- C:\Windows\debug
2014-11-12 18:21:24 ----A---- C:\Windows\system32\MRT.exe
2014-11-12 18:19:26 ----D---- C:\Windows\system32\catroot2
2014-11-12 18:11:26 ----D---- C:\Windows\ModemLogs
2014-11-09 18:58:52 ----AD---- C:\Windows
2014-11-05 20:20:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-05 20:07:40 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\YoudaGames
2014-11-05 16:13:34 ----D---- C:\Windows\Deponia - The Puzzle
2014-11-05 06:07:58 ----D---- C:\ProgramData\Oracle
2014-11-05 06:07:16 ----D---- C:\Program Files\Common Files
2014-11-05 06:06:16 ----D---- C:\Program Files\Java
2014-11-05 02:31:47 ----D---- C:\ProgramData\e1e45fe9175bd409
2014-11-04 17:57:56 ----D---- C:\Windows\system32\NDF
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-11-02 23:32:06 ----D---- C:\ProgramData\MumboJumbo
2014-10-30 11:20:58 ----D---- C:\ProgramData\Razer
2014-10-28 19:00:22 ----D---- C:\Windows\Downloaded Program Files
2014-10-28 06:49:52 ----D---- C:\Windows\system32\Tasks
2014-10-23 19:33:25 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-23 05:26:31 ----D---- C:\Windows\Tasks
2014-10-22 14:38:24 ----D---- C:\Windows\twain_32
2014-10-22 14:24:10 ----D---- C:\Windows\system32\wdi
2014-10-22 06:07:53 ----D---- C:\ProgramData\FreshGames
2014-10-21 22:28:03 ----D---- C:\Users\Kleine Fuhrer\AppData\Roaming\casualArts
2014-10-21 22:28:03 ----D---- C:\ProgramData\casualArts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-22 243128]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 123424]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-10-16 3086040]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 23256]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 18760]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-10-03 33096]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 190368]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-23 88576]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 DIRECTIO;DIRECTIO; \??\D:\KF Bestanden Kroam\PerformanceTest\DirectIo32.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2014-06-06 23456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 49088]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-11-19 114904]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 51928]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-10-16 487640]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-23 184192]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-03-18 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-07-28 45056]
S3 usbrndis6;USB RNDIS6 Adapter; C:\Windows\system32\DRIVERS\usb80236.sys [2013-03-18 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-03-26 116512]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2014-10-01 1349576]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 915784]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 18182984]
R2 Update service;Update service; C:\Program Files\Popcorn Time\Updater.exe [2014-10-09 179200]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 22c5205d;VideoCnv; c:\Program Files\VideoCnv\Zet.dll,serv []
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-16 267440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-11 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 102912]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-29 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-11 116648]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------