Logfile of random's system information tool 1.10 (written by random/random) Run by matthias at 2015-01-27 20:47:38 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 121 GB (57%) free of 215 GB Total RAM: 6058 MB (50% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:47:39, on 27/01/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\matthias\Downloads\HijackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\matthias.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: CuheApaMe - {4eaa1a9d-4a92-4f00-8ed2-34510703596b} - C:\ProgramData\CuheApaMe\BpC0EHMfdbbPQo.dll (file missing) O2 - BHO: FunDealss - {59e4edfb-7c28-411d-a145-cfcea61d0bba} - C:\ProgramData\FunDealss\UVSgHB9rwT9Mrx.dll (file missing) O2 - BHO: uonissalies - {790456e5-0b3a-4750-a787-8d9673e69816} - C:\Program Files (x86)\uonissalies\5eOAJCEmZJhXZr.dll (file missing) O2 - BHO: youtubeadblocker - {79117f2d-583b-4a59-b037-f294a03cadc5} - C:\Program Files (x86)\youtubeadblocker\THRhcblQcvwOI2.dll (file missing) O2 - BHO: DiScountExtensi - {8425d56e-66b0-4061-87ad-63c8eb95a846} - C:\ProgramData\DiScountExtensi\CjrE8JQcqoLhok.dll (file missing) O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" O4 - HKLM\..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKUS\S-1-5-21-3683240426-1209236305-1723196143-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3683240426-1209236305-1723196143-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\WINDOWS\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: VMware Netlink Supervisor Service (ftnlsv3hv) - Unknown owner - C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe O23 - Service: VMware Scanner Redirection Client Service (ftscanmgr) - Unknown owner - C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe O23 - Service: VMware Serial Com Redirection Client service (vmwsprrdpwks) - VMware - C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: VMware Horizon Client (wsnm) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe -- End of file - 12491 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 24403344 \??\C:\Windows\system32\conhost.exe "-2572946581267932939-893585567-1834408676617911643496192425-26818166-1224293975 "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\DeltaFix\DeltaFix.dll",serv "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\DeltaFix\DeltaFix.dll",serv C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe" "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" "C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe" -SCMStartup WLIDSvcM.exe 2676 "C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe" -SCMStartup C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe" "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" \??\C:\Windows\system32\conhost.exe "91988833819923037651496898181-391442654747397242-11253664521454269413-294909615 "C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe" C:\Users\matthias" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3 "C:\WINDOWS\System32\igfxtray.exe" "C:\WINDOWS\System32\hkcmd.exe" "C:\WINDOWS\System32\igfxpers.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN -BootProc "C:\Program Files (x86)\Browny02\BrYNSvc.exe" -BootProc C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3868.0.1777773293\1269925909" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2321 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group5 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1 allow_prefetch_non_default_match:1/ExtensionInstallVerification/None/GoogleNow/Enable/PasswordGeneration/Enabled/Prerender/PrerenderControl/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_70/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3868.2.789014793\310595371" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3868.5.1965136801\1731322745" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Windows\splwow64.exe 8192 "C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group5 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1 allow_prefetch_non_default_match:1/ExtensionInstallVerification/None/GoogleNow/Enable/PasswordGeneration/Enabled/Prerender/PrerenderControl/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_70/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3868.133.1224158623\388784496" /prefetch:673131151 "taskhost.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group5 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1 allow_prefetch_non_default_match:1/ExtensionInstallVerification/None/GoogleNow/Enable/PasswordGeneration/Enabled/Prerender/PrerenderControl/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_70/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3868.177.1225916353\1724704814" /prefetch:673131151 "C:\Users\matthias\Downloads\HijackThis.exe" "C:\Windows\system32\NOTEPAD.EXE" C:\Users\matthias\Downloads\hijackthis.log "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group5 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 prerender_instant_url_on_omnibox_focus:1 allow_prefetch_non_default_match:1/ExtensionInstallVerification/None/GoogleNow/Enable/PasswordGeneration/Enabled/Prerender/PrerenderControl/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_70/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3868.184.2121143593\305451284" /prefetch:673131151 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540 "c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 466A2C38-0D35-1FA1-7C20-94E0921C93E5 -Reinvoke "C:\Users\matthias\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\Dell Support Center\uaclauncher.exe -backgroundmon scripts\defaultscan.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\Dell Support Center\pcdrcui.exe -silentenumeration -st SystemToolsDailyTest ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-29 49440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4eaa1a9d-4a92-4f00-8ed2-34510703596b}] CuheApaMe - C:\ProgramData\CuheApaMe\BpC0EHMfdbbPQo.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59e4edfb-7c28-411d-a145-cfcea61d0bba}] FunDealss - C:\ProgramData\FunDealss\UVSgHB9rwT9Mrx.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{790456e5-0b3a-4750-a787-8d9673e69816}] uonissalies - C:\Program Files (x86)\uonissalies\5eOAJCEmZJhXZr.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79117f2d-583b-4a59-b037-f294a03cadc5}] youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\THRhcblQcvwOI2.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8425d56e-66b0-4061-87ad-63c8eb95a846}] DiScountExtensi - C:\ProgramData\DiScountExtensi\CjrE8JQcqoLhok.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-29 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-24 2370856] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-02-19 6611048] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-18 2188904] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-12 167960] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-12 391704] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-12 418840] "IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-12-17 1933584] "VMware Netlink 3 HV Install Utility"=C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [2014-11-20 70328] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2014-10-21 688984] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-12-03 40336] "Dell DataSafe Online"=C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [2010-08-26 1117528] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2013-04-05 139264] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-12-27 4522496] "BrHelp"=C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2013-01-18 2009088] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2010-08-12 163040] "DSUpdateLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe [2010-07-21 18240] "STToasterLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [2010-08-12 120032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-03-07 385024] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2015-01-27 20:47:39 ----D---- C:\Program Files\trend micro 2015-01-27 20:47:38 ----D---- C:\rsit 2015-01-20 21:20:00 ----D---- C:\Program Files (x86)\SaveLoets 2015-01-18 17:07:48 ----D---- C:\ProgramData\VMware 2015-01-18 17:07:47 ----A---- C:\Windows\system32\drivers\hcmon.sys 2015-01-18 17:07:42 ----D---- C:\Program Files\Common Files\VMware 2015-01-18 17:07:41 ----D---- C:\Users\matthias\AppData\Roaming\VMware 2015-01-18 17:07:41 ----D---- C:\Program Files (x86)\VMware 2015-01-18 12:00:50 ----D---- C:\ProgramData\SaveLoets 2015-01-17 16:45:20 ----SHD---- C:\$RECYCLE.BIN 2015-01-17 16:45:17 ----D---- C:\Windows\temp 2015-01-17 16:45:15 ----A---- C:\ComboFix.txt 2015-01-17 16:38:34 ----A---- C:\Windows\zip.exe 2015-01-17 16:38:34 ----A---- C:\Windows\SWSC.exe 2015-01-17 16:38:34 ----A---- C:\Windows\SWREG.exe 2015-01-17 16:38:34 ----A---- C:\Windows\sed.exe 2015-01-17 16:38:34 ----A---- C:\Windows\PEV.exe 2015-01-17 16:38:34 ----A---- C:\Windows\NIRCMD.exe 2015-01-17 16:38:34 ----A---- C:\Windows\MBR.exe 2015-01-17 16:38:34 ----A---- C:\Windows\grep.exe 2015-01-17 16:38:30 ----AD---- C:\Qoobox 2015-01-17 16:38:23 ----D---- C:\Windows\erdnt 2015-01-17 15:24:34 ----D---- C:\ProgramData\emdhflphgiamjnhmaolljneabboajmca 2015-01-16 20:00:09 ----D---- C:\ProgramData\2e034dc3f04803a9 2015-01-16 19:51:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2015-01-14 22:02:27 ----A---- C:\Windows\system32\profsvc.dll 2015-01-14 22:02:25 ----A---- C:\Windows\SYSWOW64\nlaapi.dll 2015-01-14 22:02:25 ----A---- C:\Windows\SYSWOW64\ncsi.dll 2015-01-14 22:02:25 ----A---- C:\Windows\system32\nlasvc.dll 2015-01-14 22:02:24 ----A---- C:\Windows\system32\TSWbPrxy.exe 2015-01-14 22:02:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-01-14 22:02:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-01-14 22:02:23 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-01-14 22:02:22 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-01-14 22:02:22 ----A---- C:\Windows\system32\srcore.dll 2015-01-14 22:02:22 ----A---- C:\Windows\system32\srclient.dll 2015-01-14 22:02:22 ----A---- C:\Windows\system32\rstrui.exe 2015-01-04 09:00:06 ----D---- C:\Program Files (x86)\DeltaFix 2015-01-04 08:59:29 ----D---- C:\Program Files (x86)\Saving Flash 2015-01-04 08:58:15 ----D---- C:\ProgramData\floihfoihkljbgeaalmicppknfkoipdd 2015-01-01 11:43:38 ----D---- C:\Users\matthias\AppData\Roaming\Red Alert 3 2015-01-01 11:38:32 ----RHD---- C:\Users\matthias\AppData\Roaming\SecuROM 2015-01-01 11:20:10 ----D---- C:\Program Files (x86)\Electronic Arts 2015-01-01 11:20:10 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll 2015-01-01 11:20:10 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll 2015-01-01 11:20:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll 2015-01-01 11:20:10 ----A---- C:\Windows\system32\D3DX9_38.dll 2015-01-01 11:20:10 ----A---- C:\Windows\system32\d3dx10_38.dll 2015-01-01 11:20:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2014-12-28 17:30:38 ----D---- C:\ProgramData\APN 2014-12-28 17:30:03 ----D---- C:\Users\matthias\AppData\Roaming\BitTorrent ======List of files/folders modified in the last 1 month====== 2015-01-27 20:47:39 ----RD---- C:\Program Files 2015-01-27 19:56:09 ----D---- C:\Windows\system32\config 2015-01-25 19:06:49 ----D---- C:\Windows\system32\FxsTmp 2015-01-22 20:31:10 ----D---- C:\Windows\system32\NDF 2015-01-21 21:14:12 ----D---- C:\Windows\System32 2015-01-21 21:14:12 ----D---- C:\Windows\inf 2015-01-21 21:14:12 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-01-20 21:27:20 ----A---- C:\Windows\SYSWOW64\log.txt 2015-01-20 21:21:51 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup 2015-01-20 21:21:48 ----D---- C:\Windows\SysWOW64 2015-01-20 21:21:32 ----D---- C:\ProgramData\NVIDIA 2015-01-20 21:20:00 ----RD---- C:\Program Files (x86) 2015-01-20 21:15:30 ----D---- C:\Windows\system32\Tasks 2015-01-20 20:50:23 ----A---- C:\Windows\BRRBCOM.INI 2015-01-18 17:16:55 ----D---- C:\Program Files (x86)\TeamViewer 2015-01-18 17:16:53 ----RSD---- C:\Windows\Fonts 2015-01-18 17:07:49 ----SHD---- C:\Windows\Installer 2015-01-18 17:07:49 ----D---- C:\Config.Msi 2015-01-18 17:07:48 ----D---- C:\ProgramData 2015-01-18 17:07:47 ----D---- C:\Windows\system32\DriverStore 2015-01-18 17:07:47 ----D---- C:\Windows\system32\drivers 2015-01-18 17:07:47 ----D---- C:\Windows\system32\catroot 2015-01-18 17:07:42 ----D---- C:\Program Files\Common Files 2015-01-18 17:07:42 ----D---- C:\Program Files (x86)\Common Files 2015-01-18 11:20:38 ----D---- C:\Windows\winsxs 2015-01-18 11:04:47 ----D---- C:\Windows\system32\MRT 2015-01-18 11:01:11 ----A---- C:\Windows\system32\MRT.exe 2015-01-17 16:45:17 ----D---- C:\WINDOWS 2015-01-17 16:44:31 ----D---- C:\Windows\Tasks 2015-01-17 16:43:58 ----A---- C:\Windows\system.ini 2015-01-17 16:43:53 ----D---- C:\Windows\system32\drivers\etc 2015-01-17 16:41:29 ----D---- C:\Windows\SYSWOW64\drivers 2015-01-17 16:41:29 ----D---- C:\Windows\AppPatch 2015-01-16 21:46:34 ----D---- C:\Users\matthias\AppData\Roaming\vlc 2015-01-14 22:02:20 ----D---- C:\Windows\system32\catroot2 2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe 2014-12-28 18:05:24 ----D---- C:\Windows\rescache 2014-12-28 17:36:17 ----D---- C:\Users\matthias\AppData\Roaming\Azureus ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-12-18 32544] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-12-18 300320] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2014-11-18 57536] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-07 12264384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-19 2748520] R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-12-22 8505856] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] R3 qicflt;upper Device Filter Driver; C:\Windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-09-24 1394224] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [] S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-12-18 196384] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2011-01-31 121960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088] R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-12-17 1515792] R2 ftnlsv3hv;VMware Netlink Supervisor Service; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [2014-11-20 225976] R2 ftscanmgr;VMware Scanner Redirection Client Service; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [2014-11-20 3649720] R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-10-21 451416] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656] R2 NOBU;Dell DataSafe Online; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-08-26 2823000] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-18 1364256] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-12-17 836880] R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-21 689472] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496] R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448] R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-11-18 910016] R2 vmware-view-usbd;VMware View USB; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [2014-11-18 1979608] R2 vmwsprrdpwks;VMware Serial Com Redirection Client service; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [2014-11-21 228024] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R2 wsnm;VMware Horizon Client; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [2014-12-01 528600] R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-10-26 282112] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 fc67e7a0;DeltaFix; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-29 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------