Logfile of random's system information tool 1.10 (written by random/random) Run by Julian at 2015-03-02 18:03:16 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 17 GB (7%) free of 256 GB Total RAM: 4007 MB (43% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:03:22, on 2-3-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17631) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Windows\Samsung\PanelMgr\SSMMgr.exe C:\Program Files (x86)\QuickTime\QTTask.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavMain.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Julian.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [SophosAlert] cmd.exe /c IF EXIST "C:\Program Files (x86)\Sophos\AutoUpdate\SophosAlert.exe" start "Sophos" /B "C:\Program Files (x86)\Sophos\AutoUpdate\SophosAlert.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F1BA3CFD996AAE420970E29746AC5B8F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2560616651-1580283860-1295699340-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2560616651-1580283860-1295699340-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe O23 - Service: Sophos Web Intelligence Update (swi_update_64) - Sophos Limited - C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17125 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe" "C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe" C:\Windows\system32\nvvsvc.exe -session -first "C:\Windows\system32\Dwm.exe" C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe" C:\Windows\system32\WLANExt.exe 31696160 "C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe" \??\C:\Windows\system32\conhost.exe "-19329946426901512711617424413199057443910705186301257906269907774729-656872727 C:\Windows\System32\spoolsv.exe "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe" taskeng.exe {53C9D082-C521-4A77-BF4F-3527119ABC4C} "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" "C:\Program Files\P4G\BatteryLife.exe" taskeng.exe {8C4F0337-179F-450D-A91C-E6124F21881B} "C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" "C:\Program Files\ASUS\Splendid\ACMON.exe" "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe" "C:\Program Files\Intel\TurboBoost\TurboBoost.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3432 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3 "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe" "C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" "C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "C:\Program Files\PowerISO\PWRISOVM.EXE" -startup C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "C:\Windows\AsScrPro.exe" "C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\servicing\TrustedInstaller.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1508.0.1677789978\1234489894" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="1508.4.556203815\1622593757" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="1508.5.1110386917\284381693" /prefetch:673131151 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="1508.11.26046060\399603133" /prefetch:673131151 explorer.exe "taskhost.exe" "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavMain.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="1508.19.198561286\1441172691" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="1508.21.2055140847\451915323" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="1508.23.728724025\1080436923" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1508.24.524517228\1987290174" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe taskhost.exe $(Arg0) C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Users\Julian\Desktop\RSITx64 (1).exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler =========Mozilla firefox========= ProfilePath - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\71co5k89.default prefs.js - "browser.search.useDBForOrder" - true [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0] "Description"= "Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}] TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-04-13 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-04-13 318960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}] TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}] TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-27 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-13 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-04-13 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}] TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-04-13 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-27 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-04-13 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-13 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520] "VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664] "Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2785064] "SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 97064] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-17 11855976] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-05-17 2226280] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-21 416024] "IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [] "IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-21 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-21 392472] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760] "GoogleChromeAutoLaunch_F1BA3CFD996AAE420970E29746AC5B8F"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-02-17 843592] "DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "Sophos AutoUpdate Monitor"=C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [2015-02-05 1618728] "SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400] "Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2010-06-07 618496] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888] "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-12-16 377368] "Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624] "ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472] "ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032] "ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2011-08-07 3058304] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "SophosAlert"=cmd.exe /c IF EXIST C:\Program Files (x86)\Sophos\AutoUpdate\SophosAlert.exe start Sophos /B C:\Program Files (x86)\Sophos\AutoUpdate\SophosAlert.exe [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-10-21 390144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SAVService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "aux5"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "aux6"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "aux7"=wdmaud.drv "aux8"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-03-02 18:03:16 ----D---- C:\rsit 2015-03-02 15:32:02 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2015-03-02 15:31:41 ----A---- C:\Windows\system32\drivers\mwac.sys 2015-03-02 15:31:41 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2015-03-02 15:31:40 ----D---- C:\ProgramData\Malwarebytes 2015-03-02 15:31:40 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-02 15:31:40 ----A---- C:\Windows\system32\drivers\mbam.sys 2015-03-02 11:22:55 ----A---- C:\Windows\ntbtlog.txt 2015-02-26 01:06:42 ----A---- C:\Windows\SYSWOW64\sho735F.tmp 2015-02-22 17:58:02 ----D---- C:\Users\Julian\AppData\Roaming\VST3 Presets 2015-02-22 17:57:18 ----D---- C:\Users\Julian\AppData\Roaming\Plugin Alliance 2015-02-22 17:56:21 ----D---- C:\Program Files (x86)\Brainworx Music 2015-02-22 16:07:58 ----D---- C:\ProgramData\Sonic Academy 2015-02-12 18:12:22 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-02-12 18:12:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-02-12 18:12:22 ----A---- C:\Windows\system32\jscript9.dll 2015-02-12 18:12:21 ----A---- C:\Windows\system32\jscript9diag.dll 2015-02-11 22:50:50 ----A---- C:\Windows\SYSWOW64\wdi.dll 2015-02-11 22:50:50 ----A---- C:\Windows\system32\wdi.dll 2015-02-11 22:50:50 ----A---- C:\Windows\system32\powertracker.dll 2015-02-11 22:50:50 ----A---- C:\Windows\system32\perftrack.dll 2015-02-11 22:50:03 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-02-11 22:50:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-02-11 22:50:01 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-02-11 22:50:00 ----A---- C:\Windows\system32\srcore.dll 2015-02-11 22:50:00 ----A---- C:\Windows\system32\rstrui.exe 2015-02-11 22:49:59 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-02-11 22:49:59 ----A---- C:\Windows\system32\srclient.dll 2015-02-11 22:38:38 ----A---- C:\Windows\system32\generaltel.dll 2015-02-11 22:38:38 ----A---- C:\Windows\system32\appraiser.dll 2015-02-11 22:38:38 ----A---- C:\Windows\system32\aeinv.dll 2015-02-11 22:38:36 ----A---- C:\Windows\system32\invagent.dll 2015-02-11 22:38:36 ----A---- C:\Windows\system32\devinv.dll 2015-02-11 22:38:36 ----A---- C:\Windows\system32\aitstatic.exe 2015-02-11 22:38:34 ----A---- C:\Windows\system32\aepdu.dll 2015-02-11 22:38:33 ----A---- C:\Windows\system32\aepic.dll 2015-02-11 22:38:22 ----A---- C:\Windows\system32\schannel.dll 2015-02-11 22:38:21 ----A---- C:\Windows\SYSWOW64\schannel.dll 2015-02-11 22:38:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2015-02-11 22:38:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2015-02-11 22:38:20 ----A---- C:\Windows\system32\msv1_0.dll 2015-02-11 22:38:20 ----A---- C:\Windows\system32\kerberos.dll 2015-02-11 22:38:19 ----A---- C:\Windows\system32\wdigest.dll 2015-02-11 22:38:19 ----A---- C:\Windows\system32\ncrypt.dll 2015-02-11 22:38:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2015-02-11 22:38:17 ----A---- C:\Windows\system32\TSpkg.dll 2015-02-11 22:38:15 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2015-02-11 22:38:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2015-02-11 22:38:13 ----A---- C:\Windows\SYSWOW64\credssp.dll 2015-02-11 22:38:13 ----A---- C:\Windows\system32\credssp.dll 2015-02-11 22:37:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2015-02-11 22:37:14 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2015-02-11 22:37:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2015-02-11 22:37:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2015-02-11 22:37:14 ----A---- C:\Windows\system32\ieetwproxystub.dll 2015-02-11 22:37:14 ----A---- C:\Windows\system32\ieetwcollector.exe 2015-02-11 22:37:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-02-11 22:37:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-02-11 22:37:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-02-11 22:37:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2015-02-11 22:37:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2015-02-11 22:37:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2015-02-11 22:37:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 22:37:13 ----A---- C:\Windows\system32\iernonce.dll 2015-02-11 22:37:13 ----A---- C:\Windows\system32\ie4uinit.exe 2015-02-11 22:37:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2015-02-11 22:37:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2015-02-11 22:37:12 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2015-02-11 22:37:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-02-11 22:37:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2015-02-11 22:37:12 ----A---- C:\Windows\system32\urlmon.dll 2015-02-11 22:37:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 22:37:12 ----A---- C:\Windows\system32\iedkcs32.dll 2015-02-11 22:37:11 ----A---- C:\Windows\SYSWOW64\ieui.dll 2015-02-11 22:37:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-02-11 22:37:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2015-02-11 22:37:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 22:37:11 ----A---- C:\Windows\system32\msfeeds.dll 2015-02-11 22:37:11 ----A---- C:\Windows\system32\iesetup.dll 2015-02-11 22:37:11 ----A---- C:\Windows\system32\ieapfltr.dll 2015-02-11 22:37:11 ----A---- C:\Windows\system32\dxtrans.dll 2015-02-11 22:37:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2015-02-11 22:37:10 ----A---- C:\Windows\system32\iertutil.dll 2015-02-11 22:37:09 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-02-11 22:37:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-02-11 22:37:09 ----A---- C:\Windows\SYSWOW64\msrating.dll 2015-02-11 22:37:09 ----A---- C:\Windows\system32\jsproxy.dll 2015-02-11 22:37:09 ----A---- C:\Windows\system32\ieUnatt.exe 2015-02-11 22:37:09 ----A---- C:\Windows\system32\dxtmsft.dll 2015-02-11 22:37:08 ----A---- C:\Windows\system32\mshtmled.dll 2015-02-11 22:37:08 ----A---- C:\Windows\system32\ieui.dll 2015-02-11 22:37:08 ----A---- C:\Windows\system32\ieframe.dll 2015-02-11 22:37:07 ----A---- C:\Windows\system32\vbscript.dll 2015-02-11 22:37:07 ----A---- C:\Windows\system32\mshtmlmedia.dll 2015-02-11 22:37:06 ----A---- C:\Windows\system32\wininet.dll 2015-02-11 22:37:06 ----A---- C:\Windows\system32\msrating.dll 2015-02-11 22:37:06 ----A---- C:\Windows\system32\MshtmlDac.dll 2015-02-11 22:37:05 ----A---- C:\Windows\system32\mshtml.dll 2015-02-11 22:36:20 ----A---- C:\Windows\system32\WindowsCodecs.dll 2015-02-11 22:36:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2015-02-11 22:36:12 ----A---- C:\Windows\system32\lsasrv.dll 2015-02-11 22:36:12 ----A---- C:\Windows\system32\drivers\cng.sys 2015-02-11 22:36:11 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2015-02-11 22:36:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2015-02-11 22:36:11 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2015-02-11 22:36:11 ----A---- C:\Windows\system32\adtschema.dll 2015-02-11 22:36:10 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2015-02-11 22:36:10 ----A---- C:\Windows\SYSWOW64\secur32.dll 2015-02-11 22:36:10 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2015-02-11 22:36:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2015-02-11 22:36:10 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2015-02-11 22:36:10 ----A---- C:\Windows\system32\sspisrv.dll 2015-02-11 22:36:10 ----A---- C:\Windows\system32\sspicli.dll 2015-02-11 22:36:10 ----A---- C:\Windows\system32\secur32.dll 2015-02-11 22:36:10 ----A---- C:\Windows\system32\msobjs.dll 2015-02-11 22:36:10 ----A---- C:\Windows\system32\msaudite.dll 2015-02-11 22:36:10 ----A---- C:\Windows\system32\lsass.exe 2015-02-11 22:36:10 ----A---- C:\Windows\system32\auditpol.exe 2015-02-11 22:35:19 ----A---- C:\Windows\system32\cryptsvc.dll 2015-02-11 22:35:19 ----A---- C:\Windows\system32\crypt32.dll 2015-02-11 22:35:18 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2015-02-11 22:35:18 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2015-02-11 22:35:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2015-02-11 22:35:18 ----A---- C:\Windows\system32\wintrust.dll 2015-02-11 22:34:35 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2015-02-11 22:34:35 ----A---- C:\Windows\system32\oleaut32.dll 2015-02-11 22:34:31 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2015-02-11 22:34:31 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2015-02-11 22:34:31 ----A---- C:\Windows\system32\mstscax.dll 2015-02-11 22:32:39 ----A---- C:\Windows\SYSWOW64\scesrv.dll 2015-02-11 22:32:39 ----A---- C:\Windows\system32\scesrv.dll 2015-02-11 22:31:13 ----A---- C:\Windows\system32\win32k.sys 2015-02-05 23:23:54 ----D---- C:\Program Files (x86)\GUMBA05.tmp 2015-02-05 23:23:54 ----AH---- C:\Program Files (x86)\GUTBA06.tmp ======List of files/folders modified in the last 1 month====== 2015-03-02 18:03:22 ----HD---- C:\Program Files\Trend Micro 2015-03-02 17:54:51 ----D---- C:\Windows\system32\wdi 2015-03-02 17:54:34 ----D---- C:\Windows\System32 2015-03-02 17:54:34 ----D---- C:\Windows\inf 2015-03-02 17:54:34 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-03-02 17:53:33 ----D---- C:\Windows\Temp 2015-03-02 17:53:07 ----D---- C:\Windows\system32\config 2015-03-02 17:52:03 ----D---- C:\Windows\system32\Tasks 2015-03-02 17:51:15 ----HD---- C:\ProgramData 2015-03-02 17:50:41 ----A---- C:\Windows\system32\acovcnt.exe 2015-03-02 17:50:38 ----D---- C:\ProgramData\NVIDIA 2015-03-02 17:44:39 ----D---- C:\Windows\pss 2015-03-02 15:45:04 ----D---- C:\Windows\Microsoft.NET 2015-03-02 15:32:02 ----D---- C:\Windows\system32\drivers 2015-03-02 15:31:40 ----RD---- C:\Program Files (x86) 2015-03-02 15:03:50 ----D---- C:\AdwCleaner 2015-03-02 15:03:29 ----SHD---- C:\Windows\Installer 2015-03-02 15:02:07 ----SHD---- C:\Config.Msi 2015-03-02 15:01:10 ----D---- C:\Windows\SysWOW64 2015-03-02 15:01:10 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2015-03-02 14:53:44 ----SHD---- C:\System Volume Information 2015-03-02 14:23:13 ----D---- C:\Windows 2015-03-02 13:57:49 ----D---- C:\Users\Julian\AppData\Roaming\PioneerLog 2015-03-02 11:37:10 ----A---- C:\Windows\system32\AutoRunFilter.ini 2015-03-02 11:06:45 ----HD---- C:\Program Files\ASUS 2015-03-02 11:06:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2015-03-02 10:58:50 ----D---- C:\Windows\Tasks 2015-03-02 10:58:49 ----D---- C:\Windows\system32\wfp 2015-03-02 10:58:47 ----D---- C:\Windows\system32\wbem 2015-03-02 10:58:03 ----D---- C:\Windows\system32\DriverStore 2015-03-02 10:58:03 ----D---- C:\Windows\system32\catroot2 2015-03-02 10:57:58 ----D---- C:\ProgramData\P4G 2015-03-02 10:57:49 ----D---- C:\Windows\registration 2015-03-01 21:02:03 ----HD---- C:\Program Files\Common Files 2015-03-01 21:02:03 ----HD---- C:\Program Files (x86)\Common Files 2015-03-01 21:02:03 ----D---- C:\ProgramData\KORG 2015-03-01 19:23:34 ----D---- C:\Users\Julian\AppData\Roaming\uTorrent 2015-03-01 19:23:11 ----D---- C:\Windows\Minidump 2015-03-01 19:23:11 ----D---- C:\Windows\Logs 2015-03-01 19:23:11 ----D---- C:\Windows\debug 2015-02-27 00:40:21 ----D---- C:\Windows\Prefetch 2015-02-25 21:23:21 ----D---- C:\Windows\winsxs 2015-02-22 17:56:07 ----HD---- C:\Program Files\Common Files\VST3 2015-02-22 17:55:50 ----D---- C:\Program Files (x86)\VstPlugins 2015-02-22 16:18:23 ----HD---- C:\Program Files\Vstplugins 2015-02-16 19:34:40 ----D---- C:\Windows\rescache 2015-02-12 22:37:48 ----D---- C:\Windows\SYSWOW64\en-US 2015-02-12 22:37:48 ----D---- C:\Windows\system32\en-US 2015-02-12 11:34:11 ----SD---- C:\Windows\system32\CompatTel 2015-02-12 11:34:10 ----D---- C:\Windows\system32\appraiser 2015-02-12 11:34:05 ----HD---- C:\Program Files\Internet Explorer 2015-02-12 11:34:05 ----D---- C:\Windows\system32\nl-NL 2015-02-12 11:34:02 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-02-12 11:33:52 ----D---- C:\Program Files (x86)\Internet Explorer 2015-02-12 11:33:47 ----D---- C:\Windows\tracing 2015-02-12 01:23:53 ----RSD---- C:\Windows\assembly 2015-02-12 01:22:56 ----A---- C:\Windows\win.ini 2015-02-12 01:22:55 ----D---- C:\ProgramData\Microsoft Help 2015-02-12 01:15:50 ----HD---- C:\Program Files\Common Files\Microsoft Shared 2015-02-12 01:15:15 ----D---- C:\Windows\system32\MRT 2015-02-12 01:09:16 ----A---- C:\Windows\system32\MRT.exe 2015-02-11 22:44:49 ----D---- C:\Windows\system32\catroot 2015-02-04 11:38:43 ----D---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-05-10 25960] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-26 271424] R1 SAVOnAccess;SAVOnAccess; C:\Windows\system32\DRIVERS\savonaccess.sys [2013-05-17 154952] R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-12-16 129944] R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704] R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464] R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664] R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832] R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488] R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-05-17 2872680] R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-03-02 129752] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-22 56344] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1439792] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 ffusb2audio;Focusrite USB 2.0 Audio Driver; C:\Windows\system32\DRIVERS\ffusb2audio.sys [2011-07-07 57688] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-08-03 290920] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] S4 SophosBootDriver;SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [2011-10-23 25608] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016] R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-05-11 1007208] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-11 2009704] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560] R2 SAVAdminService;Sophos Anti-Virus status reporter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2013-05-17 290296] R2 SAVService;Sophos Anti-Virus; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2013-05-17 206328] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2015-02-05 341800] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472] R2 swi_service;Sophos Web Intelligence Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2013-09-17 3109880] R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-27 116648] S2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2011-10-31 8192] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S2 swi_update_64;Sophos Web Intelligence Update; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2013-05-17 2012152] S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-27 116648] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-13 182768] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-13 114288] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-21 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] -----------------EOF-----------------