Logfile of random's system information tool 1.10 (written by random/random) Run by Ani at 2015-02-16 15:35:07 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 119 GB (17%) free of 696 GB Total RAM: 5609 MB (65% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:35:20, on 16-2-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe C:\Program Files\trend micro\Ani.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={5A5749D0-0409-4C42-B5C0-1C46CFC11491}&mid=6ba74f42844e47d0958a3dd332d8bce0-4d6c49f09668e948d23730d7d7a9dbe31b330809&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-25 13:18:43&v=4.0.5.7&pid=wtu&sg=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {37e17185-b07a-47b3-bd86-c675e4e4b89a} - (no file) O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus 
Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file) O10 - Unknown file in 
Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. 
- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. 
- c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - (no file) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: 
@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12985 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-4fd2-85576b29dc65 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup atieclxx C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe taskeng.exe {5426DD55-5DBF-4A16-81D8-EB9C1769FDFD} C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" C:\Windows\System32\lpksetup.exe -v "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" 
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe" "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" "c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe" "C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2508 "C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe" "taskhost.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true taskeng.exe {79CA1253-54BA-4297-A67D-507B4F60CF9F} taskeng.exe {40994669-239D-465B-AA7D-75EAD63B7623} "C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe" -UseTray "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe" "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY "C:\Program Files 
(x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot "C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe" ctfmon.exe "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1156.117e8700.635629927 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1156 "\\.\pipe\gecko-crash-server-pipe.1156" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash608.69276220.30458 --host-broker-channel=Flash608.69276220.970 --host-pid=608 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=6004.003CF15C.1252840607 --proxy-stub-channel=Flash608.69276220.30458 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=27 --type=renderer C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding "C:\Users\Ani\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AVSRegistryCleaner.job - C:\Program Files (x86)\AVS4YOU\AVSRegistryCleaner\AVSRegistryCleaner.exe -s C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3633932082-2820396212-1660159255-1001Core.job - C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3633932082-2820396212-1660159255-1001UA.job - 
C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForAni.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAni (null) C:\Windows\tasks\Tuneup Pro_DEFAULT.job - C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe -default C:\Windows\tasks\Tuneup Pro_UPDATES.job - C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe -updatecheck ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] ExplorerWnd Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07 81024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-05 537576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-05 193512] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2009-09-12 357384] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] c:\program files\microsoft office\office14\bcssync.exe [2012-11-05 108144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] c:\program files (x86)\divx\divx media server\divxmediaserver.exe [2013-12-23 450560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] c:\program files (x86)\divx\divx update\divxupdate.exe [2013-11-15 1861968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick 
Launch] c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe [2012-03-05 578944] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD] c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe [2011-08-19 379960] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] c:\program files (x86)\ati technologies\ati.ace\core-static\amd64\clistart.exe [2013-08-30 766208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Program Files\synaptics\syntp\syntpenh.exe [2011-10-14 2837288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] c:\program files (x86)\real\realplayer\update\realsched.exe [2015-02-12 296520] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-01-06 3674576] "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5048488] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] "TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2015-02-12 296520] "RealDownloader"=C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll,DllRegisterServer [] "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll,DllRegisterServer [] "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll,DllRegisterServer [] "B Register 
C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll,DllRegisterServer [] "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll,DllRegisterServer [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup RealPlayer Cloud Service UI.lnk - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutorun"=0 "NoDriveTypeAutoRun"=255 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "EnableShellExecuteHooks"=1 
"NoDriveTypeAutoRun"=255 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "msacm.ac3filter"=ac3filter64.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2015-02-16 15:35:07 ----D---- C:\rsit 2015-02-16 01:07:51 ----N---- C:\bootsqm.dat 2015-02-15 17:23:43 ----A---- C:\Program Files\TFC.exe 2015-02-13 19:46:24 ----RHD---- C:\MSOCache 2015-02-12 11:22:38 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll 2015-02-12 11:20:58 ----A---- C:\Windows\SYSWOW64\pncrt.dll 2015-02-12 11:20:06 ----A---- C:\Windows\SYSWOW64\msvcr71.dll 2015-02-12 11:20:06 ----A---- C:\Windows\SYSWOW64\msvcp71.dll 2015-02-12 07:59:11 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-02-12 07:59:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-02-12 07:59:11 ----A---- C:\Windows\system32\jscript9.dll 2015-02-12 07:59:10 ----A---- C:\Windows\system32\jscript9diag.dll 2015-02-11 11:02:25 ----A---- C:\Windows\system32\generaltel.dll 2015-02-11 11:02:25 ----A---- C:\Windows\system32\appraiser.dll 2015-02-11 11:02:24 ----A---- C:\Windows\system32\invagent.dll 
2015-02-11 11:02:24 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 11:02:24 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 11:02:24 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 11:02:23 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 11:02:23 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 11:01:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 11:01:53 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 11:01:53 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 11:01:53 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 11:01:53 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 11:01:53 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 11:01:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 11:01:52 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 11:01:52 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 11:01:52 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 11:01:52 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 11:01:51 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 11:01:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 11:01:51 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 11:00:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 11:00:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 11:00:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 11:00:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 11:00:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 11:00:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 11:00:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 11:00:16 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 11:00:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 11:00:16 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 11:00:16 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 11:00:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 11:00:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 11:00:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 11:00:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 11:00:12 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 11:00:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 11:00:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 11:00:12 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 11:00:12 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 11:00:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 11:00:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 11:00:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 11:00:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 11:00:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 11:00:11 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 11:00:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 11:00:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 11:00:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 11:00:09 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 11:00:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 11:00:07 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 11:00:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 11:00:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 11:00:05 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 11:00:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 11:00:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 11:00:04 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 11:00:02 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 11:00:02 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 11:00:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 10:59:59 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 10:59:59 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 10:59:58 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 10:59:57 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 10:59:55 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 10:59:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 10:59:54 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 10:57:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 10:57:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 10:57:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 10:57:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 10:57:07 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 10:57:07 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 10:57:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 10:57:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 10:57:06 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 10:57:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 10:57:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 10:57:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 10:57:06 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 10:57:06 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 10:57:06 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 10:57:06 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 10:57:06 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 10:57:06 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 10:56:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 10:56:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 10:56:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 10:56:10 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 10:55:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 10:55:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 10:55:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 10:55:44 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 10:55:44 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 10:55:44 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 10:55:01 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 10:55:01 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 10:54:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 10:54:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 10:54:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 10:54:03 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 10:54:03 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 10:54:02 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 10:54:02 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 10:49:36 ----A---- C:\Windows\system32\win32k.sys
2015-02-07 21:57:14 ----D---- C:\00000 nakijken
2015-02-06 18:01:43 ----D---- C:\Users\Ani\AppData\Roaming\Insoft LLC
2015-02-06 18:00:17 ----D---- C:\ProgramData\Adguard
2015-02-06 17:56:30 ----D---- C:\Program Files (x86)\Adguard
2015-02-02 22:59:19 ----D---- C:\Users\Ani\AppData\Roaming\Auslogics
2015-02-02 19:18:14 ----D---- C:\ProgramData\Systweak
2015-02-02 08:05:47 ----D---- C:\Users\Ani\AppData\Roaming\InstallShield
2015-01-31 20:27:26 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2015-01-31 16:48:18 ----D---- C:\Users\Ani\AppData\Roaming\Systweak
2015-01-31 16:44:10 ----A---- C:\Windows\system32\roboot64.exe
2015-01-31 16:43:51 ----D---- C:\Users\Ani\AppData\Roaming\Tuneup Pro
2015-01-30 20:57:07 ----D---- C:\Windows\system32\store
2015-01-29 17:25:50 ----D---- C:\0000 downloads spotnet
2015-01-29 16:54:17 ----D---- C:\Program Files (x86)\Spotnet
2015-01-29 14:36:18 ----D---- C:\allerlei
2015-01-29 12:23:09 ----D---- C:\bestelligen
2015-01-28 13:05:51 ----D---- C:\ING
2015-01-26 20:32:55 ----D---- C:\ProgramData\BSD
2015-01-26 19:57:49 ----HDC---- C:\ProgramData\{23F3535B-7807-4332-ABA2-0B13B9A309C9}
2015-01-26 17:06:44 ----D---- C:\ProgramData\Auslogics
2015-01-26 17:06:07 ----D---- C:\Program Files (x86)\Auslogics
2015-01-25 09:52:42 ----D---- C:\ProgramData\Wondershare
2015-01-25 09:52:42 ----D---- C:\Program Files (x86)\Wondershare
2015-01-23 16:48:41 ----D---- C:\Users\Ani\AppData\Roaming\NCH Software
2015-01-23 16:48:19 ----D---- C:\ProgramData\NCH Software
2015-01-23 13:46:34 ----D---- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-01-23 13:26:06 ----D---- C:\ProgramData\AVS4YOU
2015-01-23 13:25:45 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2015-01-23 13:24:22 ----D---- C:\Program Files (x86)\AVS4YOU
2015-01-22 14:40:41 ----SHD---- C:\$RECYCLE.BIN
2015-01-22 13:17:37 ----A---- C:\Windows\zip.exe
2015-01-22 13:17:37 ----A---- C:\Windows\SWSC.exe
2015-01-22 13:17:37 ----A---- C:\Windows\SWREG.exe
2015-01-22 13:17:37 ----A---- C:\Windows\sed.exe
2015-01-22 13:17:37 ----A---- C:\Windows\PEV.exe
2015-01-22 13:17:37 ----A---- C:\Windows\NIRCMD.exe
2015-01-22 13:17:37 ----A---- C:\Windows\MBR.exe
2015-01-22 13:17:37 ----A---- C:\Windows\grep.exe
2015-01-22 13:16:47 ----SD---- C:\ComboFix
2015-01-22 13:14:11 ----D---- C:\Qoobox
2015-01-22 13:12:52 ----D---- C:\Windows\erdnt
2015-01-21 21:09:16 ----D---- C:\Users\Ani\AppData\Roaming\Search Protection
2015-01-20 20:26:25 ----D---- C:\Users\Ani\AppData\Roaming\Audacity
2015-01-20 14:48:29 ----D---- C:\Program Files\trend micro
2015-01-20 11:33:27 ----D---- C:\Users\Ani\AppData\Roaming\AMD
2015-01-20 10:54:38 ----D---- C:\Windows\ERUNT
2015-01-20 08:33:28 ----D---- C:\Program Files (x86)\VS Revo Group
2015-01-19 12:13:56 ----D---- C:\Users\Ani\AppData\Roaming\ZHP
2015-01-19 12:13:56 ----D---- C:\Program Files (x86)\ZHPDiag
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\OVDecode64.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\OpenVideo64.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\mantleaxl64.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\mantle64.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\coinst_14.50.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\clinfo.exe
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativce03.dat
2015-01-19 08:53:00 ----A---- C:\Windows\system32\ativce02.dat
2015-01-19 08:52:59 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2015-01-19 08:52:59 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2015-01-19 08:52:59 ----A---- C:\Windows\system32\atiumd6a.dll
2015-01-19 08:52:59 ----A---- C:\Windows\system32\atiumd64.dll
2015-01-19 08:52:59 ----A---- C:\Windows\system32\atiu9p64.dll
2015-01-19 08:52:59 ----A---- C:\Windows\system32\atitmm64.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2015-01-19 08:52:58 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atio6axx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atimuixx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atimpc64.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atiicdxx.dat
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atiglpxx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atig6txx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atig6pxx.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atidemgy.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\aticalrt64.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\amdpcom64.dll
2015-01-19 08:52:57 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-01-19 08:52:57 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2015-01-19 08:52:57 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2015-01-19 08:52:57 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2015-01-19 08:52:57 ----A---- C:\Windows\system32\OpenCL.dll
2015-01-19 08:52:57 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2015-01-19 08:52:57 ----A---- C:\Windows\system32\aticaldd64.dll
2015-01-19 08:52:57 ----A---- C:\Windows\system32\aticalcl64.dll
2015-01-19 08:52:57 ----A---- C:\Windows\system32\atiapfxx.exe
2015-01-19 08:52:55 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2015-01-19 08:52:55 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2015-01-19 08:52:55 ----A---- C:\Windows\system32\amdocl64.dll
2015-01-19 08:52:55 ----A---- C:\Windows\system32\amdmmcl6.dll
2015-01-19 08:52:54 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2015-01-19 08:52:54 ----A---- C:\Windows\system32\amdmantle64.dll
2015-01-19 08:52:54 ----A---- C:\Windows\system32\amdicdxx.dat
2015-01-19 08:52:53 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2015-01-19 08:52:53 ----A---- C:\Windows\system32\amde31a.dat
2015-01-19 08:52:37 ----A---- C:\Windows\system32\drivers\amd_xata.sys
2015-01-19 08:52:37 ----A---- C:\Windows\system32\drivers\amd_sata.sys
2015-01-19 08:51:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-01-19 08:51:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2015-01-19 08:51:16 ----A---- C:\Windows\SYSWOW64\RsCRIcon.dll
2015-01-19 08:51:16 ----A---- C:\Windows\system32\drivers\RtsPStor.sys
2015-01-19 08:51:03 ----A---- C:\Windows\system32\drivers\point64.sys
2015-01-19 08:50:51 ----A---- C:\Windows\system32\ipcoin82.dll
2015-01-19 08:50:25 ----A---- C:\Windows\system32\itpcoin82.dll
2015-01-19 08:50:10 ----A---- C:\Windows\system32\drivers\dc3d.sys
2015-01-19 08:42:16 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2015-01-19 08:42:16 ----A---- C:\Windows\system32\DelayAPO.dll
2015-01-19 08:36:32 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS

======List of files/folders modified in the last 1 month======

2015-02-16 15:33:39 ----D---- C:\Windows\Temp
2015-02-16 15:24:35 ----D---- C:\Windows\Prefetch
2015-02-16 15:08:39 ----D---- C:\Windows\system32\config
2015-02-16 15:03:29 ----D---- C:\Windows
2015-02-16 14:53:45 ----D---- C:\ProgramData\MFAData
2015-02-16 14:51:28 ----D---- C:\Windows\system32\Tasks
2015-02-16 12:02:28 ----SHD---- C:\System Volume Information
2015-02-16 01:19:23 ----RD---- C:\Program Files
2015-02-15 21:19:17 ----D---- C:\Exel
2015-02-15 16:03:51 ----SHD---- C:\Windows\Installer
2015-02-15 15:05:20 ----D---- C:\Windows\system32\wbem
2015-02-15 15:04:08 ----D---- C:\Windows\Tasks
2015-02-15 15:04:08 ----D---- C:\Windows\system32\DriverStore
2015-02-15 15:04:08 ----D---- C:\Windows\system32\drivers
2015-02-15 15:04:08 ----D---- C:\Windows\system32\catroot2
2015-02-15 15:04:08 ----D---- C:\Windows\registration
2015-02-15 14:42:34 ----D---- C:\Users\Ani\AppData\Roaming\vlc
2015-02-15 14:42:33 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-15 14:42:33 ----D---- C:\Windows\inf
2015-02-14 15:51:09 ----D---- C:\PHOTOSHOP
2015-02-14 13:42:35 ----D---- C:\films
2015-02-14 10:06:12 ----D---- C:\Windows\CryptoGuard
2015-02-13 00:03:17 ----D---- C:\Windows\SysWOW64
2015-02-12 23:55:05 ----D---- C:\Users\Ani\AppData\Roaming\RealNetworks
2015-02-12 23:52:55 ----D---- C:\ProgramData\RealNetworks
2015-02-12 23:51:08 ----D---- C:\Windows\System32
2015-02-12 20:30:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-12 19:06:15 ----D---- C:\AdwCleaner
2015-02-12 17:21:17 ----RD---- C:\Program Files (x86)
2015-02-12 17:05:40 ----D---- C:\Program Files (x86)\IObit
2015-02-12 16:58:22 ----D---- C:\ProgramData\IObit
2015-02-12 16:53:05 ----D---- C:\Programma's
2015-02-12 11:44:27 ----D---- C:\Windows\Microsoft.NET
2015-02-12 11:33:39 ----D---- C:\Users\Ani\AppData\Roaming\Real
2015-02-12 11:25:36 ----SHD---- C:\Config.Msi
2015-02-12 11:25:29 ----D---- C:\Program Files (x86)\Real
2015-02-12 11:25:04 ----D---- C:\ProgramData\Package Cache
2015-02-12 11:23:38 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 11:21:00 ----D---- C:\ProgramData\Real
2015-02-12 10:47:44 ----RSD---- C:\Windows\assembly
2015-02-12 08:48:32 ----D---- C:\Windows\winsxs
2015-02-12 08:48:30 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 08:48:30 ----D---- C:\Windows\system32\en-US
2015-02-12 07:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 07:31:34 ----D---- C:\Windows\system32\appraiser
2015-02-12 07:31:30 ----D---- C:\Windows\system32\nl-NL
2015-02-12 07:31:27 ----D---- C:\Program Files\Internet Explorer
2015-02-12 07:31:23 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-02-12 07:31:12 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 22:25:55 ----D---- C:\Windows\system32\MRT
2015-02-11 21:44:40 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 16:24:10 ----D---- C:\Program Files (x86)\Opera
2015-02-11 16:12:04 ----D---- C:\Telefoon
2015-02-11 10:49:47 ----D---- C:\Windows\system32\catroot
2015-02-10 17:55:36 ----D---- C:\Users
2015-02-09 20:16:08 ----D---- C:\ProgramData\Spotnet
2015-02-07 22:23:41 ----D---- C:\auto
2015-02-07 22:23:41 ----D---- C:\00000 belangrijke documenten
2015-02-07 22:20:44 ----D---- C:\Ani
2015-02-07 22:20:13 ----D---- C:\Verzekeringen
2015-02-07 22:18:16 ----D---- C:\0 Johan
2015-02-07 22:17:51 ----D---- C:\0 Math
2015-02-07 22:15:50 ----D---- C:\0 Nico
2015-02-07 22:10:12 ----D---- C:\Belastingdienst
2015-02-07 21:48:24 ----D---- C:\000 Foto's
2015-02-07 15:17:52 ----D---- C:\Youtube downloads
2015-02-07 15:03:23 ----D---- C:\Windows\system32\LogFiles
2015-02-07 15:03:22 ----D---- C:\Windows\Minidump
2015-02-07 05:37:57 ----D---- C:\Windows\system32\wfp
2015-02-07 05:35:50 ----HD---- C:\ProgramData
2015-02-06 20:02:10 ----D---- C:\Windows\Logs
2015-02-05 07:53:29 ----D---- C:\Windows\Corel
2015-02-04 15:53:52 ----D---- C:\Users\Ani\AppData\Roaming\DVDVideoSoft
2015-02-04 15:43:06 ----D---- C:\ProgramData\River Past G5
2015-02-04 15:43:06 ----D---- C:\Program Files\Common Files
2015-02-03 16:13:17 ----D---- C:\Windows\security
2015-02-03 14:23:46 ----RD---- C:\Program Files (x86)\Skype
2015-02-03 14:16:04 ----D---- C:\ProgramData\Skype
2015-02-03 03:48:32 ----D---- C:\Users\Ani\AppData\Roaming\Azureus
2015-02-02 19:42:21 ----A---- C:\Windows\win.ini
2015-02-02 08:18:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-02 08:10:21 ----D---- C:\Windows\system32\drivers\UMDF
2015-02-01 18:37:02 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-01-31 15:39:41 ----D---- C:\downloads
2015-01-30 15:52:46 ----D---- C:\Users\Ani\AppData\Roaming\AVS4YOU
2015-01-29 14:07:16 ----D---- C:\Woning
2015-01-29 13:12:16 ----D---- C:\0 medisch VGZ
2015-01-28 12:07:53 ----D---- C:\computer
2015-01-27 18:43:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 15:42:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-24 09:51:02 ----D---- C:\ProgramData\ProductData
2015-01-23 13:03:52 ----D---- C:\000 Hulp
2015-01-22 14:40:21 ----D---- C:\Windows\system32\drivers\etc
2015-01-22 14:05:35 ----D---- C:\Windows\SYSWOW64\drivers
2015-01-22 14:05:34 ----D---- C:\Windows\AppPatch
2015-01-20 10:43:11 ----D---- C:\Indonsië
2015-01-19 11:50:13 ----D---- C:\Users\Ani\AppData\Roaming\IObit
2015-01-19 08:57:01 ----D---- C:\Program Files (x86)\Adobe
2015-01-19 08:53:00 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2015-01-19 08:53:00 ----A---- C:\Windows\system32\atiuxp64.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2015-01-19 08:52:58 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atiesrxx.exe
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atieclxx.exe
2015-01-19 08:52:58 ----A---- C:\Windows\system32\atidxx64.dll
2015-01-19 08:52:58 ----A---- C:\Windows\system32\aticfx64.dll
2015-01-19 08:52:57 ----A---- C:\Windows\system32\atiadlxx.dll
2015-01-19 08:51:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2015-01-17 13:42:40 ----D---- C:\handleidingen
2015-01-17 11:13:02 ----D---- C:\ProgramData\TuneUp Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-01-19 83656]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-01-19 43720]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2014-12-22 535576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-08-13 254496]
R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251); C:\Windows\system32\DRIVERS\tdrpm251.sys [2014-08-13 1455648]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-08-13 929312]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-11 283200]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-19 26528]
R1 RapportCerberus_80120;RapportCerberus_80120; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [2015-01-12 845464]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-12-22 445816]
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-12-22 558872]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-08-13 250400]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-01-19 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-01-19 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2015-01-19 94720]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2015-01-19 52584]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-02-16 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2015-01-19 45416]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2015-01-19 359128]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-19 942808]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-25 3073752]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-12-17 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2013-10-14 53376]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Users\Ani\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 14920]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2013-10-14 878184]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tswNT;toolstar*testWIN support driver; \??\C:\Users\ADMINI~1\AppData\Local\Temp\001068A1\tswnt.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; C:\Windows\system32\drivers\TuneUpUtilitiesDrv.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 891432]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-08-13 2326920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-01-19 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-01-06 3440080]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-01-06 309232]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-05-06 1220608]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-10-14 2413056]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-12-22 1919256]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-04-16 39056]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2015-02-12 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2010-12-17 276992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-12 268464]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-08 50921648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-06 1255736]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------