Logfile of random's system information tool 1.10 (written by random/random)
Run by KristiAnne at 2015-01-18 14:16:20
WIN_7 Service Pack 1
System drive C: has 18 GB (8%) free of 231 GB
Total RAM: 4095 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:22, on 18-1-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Users\KristiAnne\AppData\Roaming\TornTV.com\TornTV Downloader.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\KristiAnne.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1421493560&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421493559&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421493559&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1421493560&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421493560&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421493560&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1421493560&from=ild&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF065274952749
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [FreeCall] "C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKCU\..\Run: [TornTv Downloader] C:\Users\KristiAnne\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1279715118-3890717141-3735741419-1000\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User '?')
O4 - S-1-5-21-1279715118-3890717141-3735741419-1000 Startup: TornTvDownloader.lnk = KristiAnne\AppData\Roaming\TornTV.com\TornTV Downloader.exe (User '?')
O4 - Startup: TornTvDownloader.lnk = KristiAnne\AppData\Roaming\TornTV.com\TornTV Downloader.exe
O8 - Extra context menu item: &D&ownload &met BitComet - res://D:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload alle video met BitComet - res://D:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload alles met BitComet - res://D:\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\BitComet\tools\BitCometBHO_1.4.1.10.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.mijnknltb.nl
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BecHelperService - Unknown owner - C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: Torntv Downloader (trntv) - Cool Mirage - C:\Users\KristiAnne\AppData\Roaming\TornTV.com\TornTVSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Universal Updater Service (UniversalUpdater) - Unknown owner - C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18603 bytes

======Listing Processes======


======Scheduled tasks folder======

C:\Windows\tasks\30c9d699-fc2e-4545-a144-7dcce2b5832c-7.job -  
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1279715118-3890717141-3735741419-1000Core.job - C:\Users\KristiAnne\AppData\Local\Facebook\Update\FacebookUpdate.exe  /c /nocrashserver 
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1279715118-3890717141-3735741419-1000UA.job - C:\Users\KristiAnne\AppData\Local\Facebook\Update\FacebookUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\IDLI.job - C:\Users\KristiAnne\AppData\Roaming\IDLI.exe  /infocmdline=s27cXSgkgBLqKPjXhVtl8wRw37Y3houa5CNabj7H57qPx0DOBcycWohmNI5pZQbyxfdR7mGIRP4O+rpjnKvN5SsBB/5+oUNRMw7Te2/7rE3jOo8Hc9qwJaU7+LXoZA3gh18BG1y+wtA+gNobaDO5c4pp2yqiIoj+Zy1jlPIqrTvAClFACX7HgdHVMW1YXm/PCc4qYlTNOHeOrilMaAI12apJdTYkXsujbheUt9YZtqajlq1llSzSIbqfFhSW4l/AtgaOMGbGKKjtuxzonwouyCzUS6IGhhARMYt37o7Yuo8+1vmB6cutAyKfonpsqv2g2y7cZnGrEjxltbyw2vWbUEj3TfeJmAHAj08kNIn7t3wT0o8ZZ+/dFAZyC5CfHdhglAZg2FbmNhVSBIXUGalmVVbhh4uzSKqt8F2ctRj+wOxahGKvgkg8gRmhWwWaNbSqVsd4ZvgUSTii9Jo/sKis3wjEsOwE8IiG1/Gw+DMxqpvKlQq/HfuCtKWSmyz7IYPF 

=========Mozilla firefox=========

ProfilePath - C:\Users\KristiAnne\AppData\Roaming\Mozilla\Firefox\Profiles\f9las1fh.default

prefs.js - "browser.search.useDBForOrder" -  true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@popularscreensavers.com/Plugin]
"Description"=Popular Screensavers Plugin
"Path"=C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=D:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Users\KristiAnne\AppData\Roaming\Mozilla\Firefox\Profiles\f9las1fh.default\extensions\
faststartff@gmail.com
fftoolbar2014@etech.com

C:\Users\KristiAnne\AppData\Roaming\Mozilla\Firefox\Profiles\f9las1fh.default\searchplugins\
bingp.xml
default-search.xml
Google.xml
omiga-plus.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-04-17 23107800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-18 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-04-17 17593048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-18 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - 
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-04-17 23107800]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-04-17 17593048]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-04-17 109784]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"FreeCall"=C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe [2014-02-11 19827512]
"TornTv Downloader"=C:\Users\KristiAnne\AppData\Roaming\TornTV.com\Torntv Downloader.exe [2014-11-18 280576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2013-10-01 395656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CrashMon]
C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe [2014-11-05 418368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\KristiAnne\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-21 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]
C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe [2014-02-11 19827512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gStart]
C:\Garmin\gStart.exe [2008-08-13 1891416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-03-01 190808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mbot_nl_113]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-08-06 349480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Redirector]
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2013-10-01 153992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-04-17 109784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-09 13667032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Salus]
C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d.exe [2014-11-05 997952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Salus CrashMon]
C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe [2014-11-05 418368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE [2010-01-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update-agent.lnk]
C:\Program Files (x86)\KPN\Mobiel Internet Software\AutoUpdateSrv.exe  []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-09 5227112]
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2013-10-01 395656]
"Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2013-10-01 153992]

C:\Users\KristiAnne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TornTvDownloader.lnk - C:\Users\KristiAnne\AppData\Roaming\TornTV.com\TornTV Downloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux9"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2015-01-18 13:58:44 ----D---- C:\rsit
2015-01-18 13:46:55 ----D---- C:\Users\KristiAnne\AppData\Roaming\Enigma Software Group
2015-01-18 13:46:45 ----D---- C:\sh4ldr
2015-01-18 13:46:10 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-01-18 13:46:05 ----D---- C:\Program Files\Enigma Software Group
2015-01-18 11:51:19 ----SHD---- C:\Config.Msi
2015-01-18 10:52:45 ----ASH---- C:\pagefile.sys
2015-01-17 12:20:32 ----D---- C:\Program Files (x86)\XTab
2015-01-17 12:20:19 ----D---- C:\ProgramData\WindowsMangerProtect
2015-01-17 12:18:34 ----D---- C:\Users\KristiAnne\AppData\Roaming\TornTV.com
2015-01-17 10:59:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 08:24:16 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 08:24:08 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 08:24:07 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 08:24:05 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 08:23:50 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 08:23:44 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:23:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:23:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 08:23:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 08:23:20 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 08:23:18 ----A---- C:\Windows\system32\rstrui.exe
2015-01-14 08:23:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 08:23:16 ----A---- C:\Windows\system32\srclient.dll
2015-01-08 08:11:04 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-18 17:39:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 17:39:03 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-18 17:29:04 ----A---- C:\Windows\avastSS.scr
2014-12-16 16:21:59 ----D---- C:\Windows\system32\appraiser
2014-12-16 08:15:58 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-16 08:15:58 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-16 08:15:58 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-16 08:15:58 ----A---- C:\Windows\system32\mferror.dll
2014-12-16 08:15:57 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-16 08:15:57 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-16 08:15:56 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-16 08:15:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-16 08:15:56 ----A---- C:\Windows\system32\mfps.dll
2014-12-16 08:15:55 ----A---- C:\Windows\system32\mf.dll
2014-12-11 10:35:26 ----A---- C:\Windows\system32\appraiser.dll
2014-12-11 10:35:26 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-11 10:35:26 ----A---- C:\Windows\system32\aepic.dll
2014-12-11 10:35:26 ----A---- C:\Windows\system32\aeinv.dll
2014-12-11 10:35:25 ----A---- C:\Windows\system32\invagent.dll
2014-12-11 10:35:25 ----A---- C:\Windows\system32\generaltel.dll
2014-12-11 10:35:25 ----A---- C:\Windows\system32\devinv.dll
2014-12-11 10:35:24 ----A---- C:\Windows\system32\aepdu.dll
2014-12-11 10:35:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 10:35:22 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 10:35:21 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 10:35:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 10:35:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 10:35:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 10:35:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 10:35:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 10:35:19 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 10:35:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 10:35:19 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 10:35:19 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 10:35:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 10:35:18 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 10:35:18 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 10:35:18 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 10:35:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 10:35:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 10:35:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 10:35:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 10:35:16 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 10:35:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 10:35:16 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 10:35:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 10:35:15 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 10:35:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 10:35:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 10:35:14 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 10:35:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 10:35:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 10:35:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 10:35:12 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 10:35:12 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 10:35:11 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 10:35:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 10:35:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 10:35:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 10:35:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 10:35:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 10:35:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 10:35:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 10:35:08 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 10:35:08 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 10:35:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 10:35:07 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 10:35:07 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 10:35:06 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 10:35:06 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 10:35:06 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 10:35:06 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 10:35:05 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 10:35:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 10:35:04 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 10:34:18 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 10:34:18 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 10:34:17 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 10:34:17 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 10:34:17 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 10:34:17 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 10:34:17 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 10:34:17 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 10:34:16 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 10:34:16 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 10:34:16 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 10:34:16 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 10:34:13 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 10:34:13 ----A---- C:\Windows\system32\tzres.dll
2014-11-19 10:06:44 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 10:06:44 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 10:06:44 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 10:06:44 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
2014-11-17 15:17:38 ----D---- C:\Program Files (x86)\EliteUnzip_aaEI
2014-11-17 15:11:15 ----A---- C:\Windows\SYSWOW64\subinacl.exe
2014-11-17 15:11:13 ----D---- C:\Program Files\Common Files\Microsoft
2014-11-17 15:11:13 ----D---- C:\Program Files\Adware-Removal-Tool
2014-11-17 14:45:29 ----D---- C:\Windows\system32\log
2014-11-16 21:39:33 ----D---- C:\Program Files (x86)\b91374d8-d884-4518-8e61-430b3493b81b
2014-11-16 21:37:43 ----D---- C:\Program Files (x86)\Universal Updater
2014-11-16 21:37:43 ----D---- C:\Program Files (x86)\0ca45c95134d
2014-11-16 21:37:42 ----D---- C:\Program Files (x86)\f552dd4c52e3
2014-11-16 21:37:31 ----D---- C:\Program Files (x86)\mbot_nl_113
2014-11-15 21:49:46 ----D---- C:\Users\KristiAnne\AppData\Roaming\HYXDevPsnList
2014-11-12 13:35:17 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 13:35:16 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 13:35:16 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 13:35:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 13:35:16 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 13:35:15 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 13:35:15 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 13:35:15 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 13:35:15 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 13:34:28 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 13:34:28 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 13:34:28 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 13:34:28 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 13:34:27 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:34:26 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 13:34:25 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 13:34:25 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:34:24 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 13:34:24 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 13:34:24 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 13:34:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 13:34:24 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 13:34:23 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 13:34:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 13:34:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 13:34:20 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 13:34:20 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 13:34:18 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 13:34:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 13:34:18 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 13:34:18 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 13:34:18 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 13:34:18 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 13:34:18 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 13:34:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 13:34:09 ----A---- C:\Windows\system32\packager.dll
2014-11-12 13:34:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 13:34:06 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 13:34:05 ----A---- C:\Windows\system32\msi.dll
2014-11-12 13:34:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 13:34:02 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 13:34:02 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-05 18:36:36 ----A---- C:\Windows\system32\drivers\b786bdb3c67d.sys
2014-10-28 21:41:06 ----D---- C:\Program Files\iPod
2014-10-28 21:41:05 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-28 21:41:05 ----D---- C:\Program Files\iTunes

======List of files/folders modified in the last 3 months======

2015-01-18 14:16:20 ----D---- C:\Windows\Temp
2015-01-18 14:16:20 ----D---- C:\Program Files\trend micro
2015-01-18 14:16:17 ----D---- C:\Windows\Prefetch
2015-01-18 13:52:54 ----D---- C:\Windows\system32\config
2015-01-18 13:46:54 ----D---- C:\Windows\system32\Tasks
2015-01-18 13:46:11 ----D---- C:\Windows\system32\drivers
2015-01-18 13:46:05 ----D---- C:\Program Files
2015-01-18 13:28:13 ----D---- C:\Windows\system32\drivers\etc
2015-01-18 13:27:05 ----D---- C:\Windows\inf
2015-01-18 11:52:07 ----D---- C:\ProgramData\Microsoft Games
2015-01-18 11:52:02 ----SHD---- C:\Windows\Installer
2015-01-18 11:51:48 ----SHD---- C:\System Volume Information
2015-01-18 11:51:23 ----RD---- C:\Program Files (x86)
2015-01-18 11:51:22 ----D---- C:\Windows\SysWOW64
2015-01-18 11:51:22 ----D---- C:\Windows\System32
2015-01-18 10:53:00 ----D---- C:\Windows
2015-01-18 10:52:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-17 17:56:59 ----D---- C:\Windows\debug
2015-01-17 12:20:19 ----HD---- C:\ProgramData
2015-01-15 11:30:04 ----D---- C:\Windows\winsxs
2015-01-14 22:53:39 ----D---- C:\Windows\system32\MRT
2015-01-14 22:48:18 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 08:23:00 ----D---- C:\Windows\system32\catroot
2015-01-14 08:22:50 ----D---- C:\Windows\system32\catroot2
2015-01-13 08:36:43 ----D---- C:\Windows\tracing
2015-01-10 15:16:54 ----D---- C:\Users\KristiAnne\AppData\Roaming\vlc
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-18 17:30:17 ----D---- C:\Windows\system32\DriverStore
2014-12-16 16:21:59 ----SD---- C:\Windows\system32\CompatTel
2014-12-16 16:21:59 ----SD---- C:\ProgramData\Microsoft
2014-12-16 16:21:59 ----D---- C:\Windows\AppCompat
2014-12-16 16:21:58 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-12-16 16:21:58 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-16 16:21:58 ----D---- C:\Windows\system32\nl-NL
2014-12-16 16:21:58 ----D---- C:\Windows\system32\en-US
2014-12-16 16:21:58 ----D---- C:\Windows\PolicyDefinitions
2014-12-16 16:21:58 ----D---- C:\Program Files\Internet Explorer
2014-12-16 16:21:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-16 08:22:57 ----D---- C:\ProgramData\Microsoft Help
2014-12-07 09:45:17 ----D---- C:\Windows\system32\FxsTmp
2014-11-21 21:10:04 ----D---- C:\Windows\Tasks
2014-11-19 20:24:16 ----D---- C:\Users\KristiAnne\AppData\Roaming\Apple Computer
2014-11-19 20:24:15 ----D---- C:\Program Files\Common Files\Apple
2014-11-19 20:23:27 ----D---- C:\Program Files (x86)\Google
2014-11-17 15:21:11 ----D---- C:\Program Files (x86)\Common Files
2014-11-17 15:11:13 ----D---- C:\Program Files\Common Files
2014-11-17 14:58:20 ----D---- C:\Windows\system32\LogFiles
2014-11-17 14:58:19 ----D---- C:\Windows\Downloaded Program Files
2014-11-17 14:54:27 ----D---- C:\Users\KristiAnne\AppData\Roaming\Skype
2014-11-16 22:24:16 ----D---- C:\Windows\Minidump
2014-11-16 22:01:43 ----D---- C:\Program Files\CCleaner
2014-11-15 23:38:50 ----D---- C:\Windows\Microsoft.NET
2014-11-15 21:49:52 ----RSD---- C:\Windows\assembly
2014-11-12 14:43:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-09 22:15:01 ----D---- C:\Downloads
2014-10-28 21:41:39 ----D---- C:\Program Files (x86)\iTunes
2014-10-28 21:40:55 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-26 08:45:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-19 19:26:51 ----D---- C:\ProgramData\Skype
2014-10-19 19:26:50 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-18 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-18 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-10-04 55952]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-09 564824]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-18 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-18 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-18 436624]
R1 b786bdb3c67d;b786bdb3c67d; C:\Windows\system32\drivers\b786bdb3c67d.sys [2014-11-05 47408]
R1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys [2013-09-24 97768]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-18 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-18 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-18 116728]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-09 94720]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2014-06-09 302296]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-06-09 3872984]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2014-06-09 694376]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg []
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-04 114192]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-01-18 22704]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-05-08 20520]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2011-04-01 341856]
S3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-04-01 4184672]
S3 massfilter;MBB Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter.sys [2011-03-02 11776]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 63704]
S3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~2\COMMON~1\SYMANT~1\SymcData\ipsdefs\20070823.001\SymIDSCo.sys []
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\Windows\system32\DRIVERS\gtkdrv.sys [2014-06-02 16640]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-18 50344]
R2 BecHelperService;BecHelperService; C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe [2011-03-02 1917832]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-12 62208]
R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2015-01-18 1025920]
R2 trntv;Torntv Downloader; C:\Users\KristiAnne\AppData\Roaming\TornTV.com\TornTVSvc.exe [2014-11-18 19456]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
R2 UniversalUpdater;Universal Updater Service; C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe [2014-11-05 653888]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-01-17 464384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 SmdmFService;SmdmF Service; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-17 114800]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-28 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-05 1255736]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------