Logfile of random's system information tool 1.10 (written by random/random)
Run by Inge Wapstra at 2015-03-19 12:15:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 199 GB (43%) free of 463 GB
Total RAM: 3959 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:16:05, on 19-3-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files\trend micro\Inge Wapstra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet 
Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Search-Results Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O3 - Toolbar: Search-Results Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft 
Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft 
Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. 
- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Reverse Word Processor (hycewyxo) - Unknown owner - C:\Users\Inge.exe (file missing) O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. 
- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Earpiece Exclamation Mark (sikenyhu) - Unknown owner - C:\Users\Inge.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. 
- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12251 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe 
ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe" C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs atieclxx C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE taskeng.exe {3CC23541-07BB-4A20-BDF8-DEE7A7BD329F} C:\Windows\System32\spoolsv.exe "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Launch Manager\dsiwmis.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe" "C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe" "C:\Users\Inge Wapstra\AppData\Roaming\87861940-1425984793-9920-05F2-1C7508122D58\jnskE8B9.tmp" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe" "C:\Users\Inge Wapstra\AppData\Roaming\87861940-1425984793-9920-05F2-1C7508122D58\nsqB5A3.tmpfs" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe" /c C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe" "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k C:\Windows\system32\SearchIndexer.exe /Embedding "c:\Program Files\Microsoft Security Client\NisSrv.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --ran-launcher http://www.mystartsearch.com/?type=sc&ts=1426254723&from=ium6&uid=TOSHIBAXMK5055GSX_79G7S11BSXX79G7S11BS "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --ran-launcher http://www.mystartsearch.com/?type=sc&ts=1426254723&from=ium6&uid=TOSHIBAXMK5055GSX_79G7S11BSXX79G7S11BS /crash-reporter-parent-id=4904 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=gpu-process --channel="4904.0.529233743\830436927" --enable-proprietary-media-types-playback --crash-reporter-pid=4940 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,19,41 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." 
--gpu-driver-version=8.692.1.0 --enable-proprietary-media-types-playback --crash-reporter-pid=4940 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=nl --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_141.dll" --ppapi-flash-version=17.0.0.141 --with-feature:enhanced-autofill --crash-reporter-pid=4940 --device-scale-factor=1 --font-cache-shared-mem-suffix=4904 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4904.3.303519180\355817286" /prefetch:673131151 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=nl --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_141.dll" --ppapi-flash-version=17.0.0.141 --with-feature:enhanced-autofill --crash-reporter-pid=4940 --device-scale-factor=1 --font-cache-shared-mem-suffix=4904 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4904.5.1496183919\1539712946" /prefetch:673131151 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=nl --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_141.dll" --ppapi-flash-version=17.0.0.141 --with-feature:enhanced-autofill --crash-reporter-pid=4940 --device-scale-factor=1 
--font-cache-shared-mem-suffix=4904 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4904.8.1743526396\434379414" /prefetch:673131151 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=nl --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_141.dll" --ppapi-flash-version=17.0.0.141 --with-feature:enhanced-autofill --crash-reporter-pid=4940 --device-scale-factor=1 --font-cache-shared-mem-suffix=4904 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4904.9.1896171914\1320741813" /prefetch:673131151 "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=nl --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_141.dll" --ppapi-flash-version=17.0.0.141 --with-feature:enhanced-autofill --crash-reporter-pid=4940 --device-scale-factor=1 --font-cache-shared-mem-suffix=4904 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4904.10.2142510603\1898622458" /prefetch:673131151 C:\Windows\system32\sppsvc.exe "C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=nl --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_141.dll" --ppapi-flash-version=17.0.0.141 --with-feature:enhanced-autofill --crash-reporter-pid=4940 --device-scale-factor=1 
--font-cache-shared-mem-suffix=4904 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4904.12.1227066357\12719994" /prefetch:673131151 "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" "C:\Users\Inge Wapstra\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-02 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30 460712] 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-02 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Search-Results Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1435112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30 172968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-02 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {D4027C7F-154A-4066-A1AD-4243D8127440} - Search-Results Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1435112] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-02 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
[2009-12-10 1890088] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376] "Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet] C:\Program Files (x86)\BitComet\BitComet.exe [2011-06-28 11499824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-05-23 844168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-04-23 1561968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-04-23 311152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mbot_nl_214] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI] C:\Windows\PLFSetI.exe [2010-04-09 206208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE [2014-03-11 377368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files 
(x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-26 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-05-03 1480032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Inge Wapstra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IeiqEce43t.lnk] C:\PROGRA~3\{E565D~1\IEIQEC~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Inge Wapstra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk] C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-03-09 258560] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] 
"ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux5"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "aux7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "aux8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv "aux9"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - 
C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-19 12:15:31 ----D---- C:\rsit
2015-03-19 12:15:31 ----D---- C:\Program Files\trend micro
2015-03-15 21:45:18 ----A---- C:\autoexec.bat
2015-03-15 21:45:00 ----D---- C:\Users\Inge Wapstra\AppData\Roaming\Enigma Software Group
2015-03-15 21:44:52 ----D---- C:\sh4ldr
2015-03-15 21:44:16 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-03-15 21:44:09 ----D---- C:\Program Files\Enigma Software Group
2015-03-15 20:34:22 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-03-15 20:33:42 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-15 20:33:42 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-03-15 20:33:42 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-03-13 13:00:28 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-13 13:00:28 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 15:01:19 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 15:00:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 15:00:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 15:00:56 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 15:00:56 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 15:00:56 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 15:00:56 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 15:00:55 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 15:00:55 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 15:00:55 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 15:00:55 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 15:00:49 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 15:00:49 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 15:00:48 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 15:00:47 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 15:00:46 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 15:00:45 ----A---- C:\Windows\system32\mf.dll
2015-03-11 15:00:43 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 15:00:43 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 15:00:43 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 15:00:43 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 15:00:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 15:00:41 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 15:00:41 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 15:00:40 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 15:00:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 15:00:40 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 15:00:40 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 15:00:40 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 15:00:39 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 15:00:39 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 15:00:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 15:00:39 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 15:00:39 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 15:00:39 ----A---- C:\Windows\system32\evr.dll
2015-03-11 15:00:38 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 15:00:38 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 15:00:37 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 15:00:37 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 15:00:37 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 15:00:37 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 15:00:37 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 15:00:37 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 15:00:36 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 15:00:36 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 15:00:36 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 15:00:36 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 15:00:36 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 15:00:36 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 15:00:35 ----A---- C:\Windows\system32\winload.exe
2015-03-11 15:00:33 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 15:00:33 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 15:00:29 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 15:00:29 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 15:00:29 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 15:00:29 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 15:00:29 ----A---- C:\Windows\system32\ci.dll
2015-03-11 15:00:29 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 15:00:27 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 15:00:27 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 15:00:27 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 15:00:27 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 15:00:23 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 15:00:23 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 15:00:23 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 15:00:23 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 15:00:23 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 15:00:23 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 15:00:23 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 15:00:23 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 15:00:23 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 15:00:23 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 15:00:22 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 15:00:22 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 15:00:22 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 15:00:22 ----A---- C:\Windows\system32\smss.exe
2015-03-11 15:00:22 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 15:00:22 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 15:00:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 15:00:21 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 15:00:21 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 15:00:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 15:00:21 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 15:00:21 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 15:00:21 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 15:00:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 15:00:21 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 15:00:21 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 15:00:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 15:00:20 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 15:00:20 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 15:00:20 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 15:00:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 15:00:20 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 15:00:20 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 15:00:20 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 15:00:20 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 15:00:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 15:00:19 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 15:00:08 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 15:00:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 14:59:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 14:59:59 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 14:59:59 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 14:59:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 14:59:59 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 14:59:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 14:59:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 14:59:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 14:59:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 14:59:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 14:59:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 14:59:56 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 14:59:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 14:59:56 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 14:59:56 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 14:59:56 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 14:59:56 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 14:59:56 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 14:59:56 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 14:59:56 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 14:59:55 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 14:59:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 14:59:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 14:59:55 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 14:59:55 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 14:59:55 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 14:59:51 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 14:59:51 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 14:59:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 14:59:48 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 14:59:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 14:59:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 14:59:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 14:59:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 14:59:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 14:59:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 14:59:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 14:59:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 14:59:42 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 14:59:42 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 14:59:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 14:59:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 14:59:41 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 14:59:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 14:59:41 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 14:59:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 14:59:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 14:59:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 14:59:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 14:59:39 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 14:59:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 14:59:39 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 14:59:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 14:59:38 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 14:59:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 14:59:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 14:59:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 14:59:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 14:59:37 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 14:59:37 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 14:59:37 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 14:59:36 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 14:59:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 14:59:35 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 14:59:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 14:59:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 14:59:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 14:59:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 14:59:33 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 14:59:33 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 14:59:32 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 14:59:32 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 14:59:31 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 14:59:31 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 14:59:31 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 14:59:30 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 14:59:30 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 14:59:30 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 14:59:30 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 14:59:29 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 14:59:29 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 14:59:28 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 14:56:55 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 14:56:55 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-10 12:14:41 ----D---- C:\Program Files (x86)\predm
2015-03-10 11:53:13 ----D---- C:\Users\Inge Wapstra\AppData\Roaming\87861940-1425984793-9920-05F2-1C7508122D58
2015-03-10 11:52:23 ----D---- C:\Program Files (x86)\Browser Capability
2015-03-10 11:51:49 ----D---- C:\Program Files (x86)\PPrriceeLeSs
2015-03-10 11:51:34 ----D---- C:\ProgramData\ccjlodpkdhgmnbmlhpflgjelkalhfebm
2015-03-10 11:51:30 ----D---- C:\ProgramData\333c9d22d20a49c6830214d1e03e2800
2015-03-10 11:51:24 ----D---- C:\ProgramData\bdc62371b58d4ea3bd46ebe8f21bb370
2015-03-10 11:51:17 ----D---- C:\ProgramData\{e565d002-5151-ab7c-e565-5d0025154009}

======List of files/folders modified in the last 1 month======

2015-03-19 12:15:44 ----D---- C:\Windows\Prefetch
2015-03-19 12:15:31 ----RD---- C:\Program Files
2015-03-19 12:14:47 ----D---- C:\Windows\Temp
2015-03-19 12:09:14 ----D---- C:\Windows\system32\config
2015-03-19 12:08:30 ----A---- C:\Windows\SYSWOW64\log.txt
2015-03-19 12:08:14 ----D---- C:\Windows
2015-03-18 20:52:33 ----D---- C:\Windows\SysWOW64
2015-03-18 20:52:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-03-18 20:52:09 ----RD---- C:\Program Files (x86)
2015-03-18 20:32:25 ----SHD---- C:\System Volume Information
2015-03-18 20:28:10 ----D---- C:\Windows\system32\Tasks
2015-03-18 20:28:10 ----D---- C:\Program Files (x86)\Opera
2015-03-16 10:43:18 ----D---- C:\Windows\inf
2015-03-15 21:44:16 ----D---- C:\Windows\system32\drivers
2015-03-15 21:24:02 ----D---- C:\Windows\System32
2015-03-15 21:24:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-15 21:17:36 ----D---- C:\Windows\TAPI
2015-03-15 21:04:53 ----HD---- C:\ProgramData
2015-03-15 20:33:53 ----D---- C:\Users\Inge Wapstra\AppData\Roaming\Malwarebytes
2015-03-15 20:33:42 ----D---- C:\ProgramData\Malwarebytes
2015-03-15 20:33:42 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-03-15 20:31:37 ----D---- C:\Windows\pss
2015-03-15 01:13:23 ----D---- C:\Users\Inge Wapstra\AppData\Roaming\vlc
2015-03-15 00:07:50 ----D---- C:\Downloads
2015-03-14 22:11:19 ----D---- C:\Users\Inge Wapstra\AppData\Roaming\BitComet
2015-03-14 20:38:07 ----D---- C:\Windows\rescache
2015-03-13 20:54:08 ----D---- C:\Windows\debug
2015-03-13 20:46:52 ----D---- C:\Windows\system32\catroot2
2015-03-13 20:46:08 ----D---- C:\Windows\winsxs
2015-03-13 20:42:43 ----D---- C:\Program Files\Windows Media Player
2015-03-13 20:42:42 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-03-13 20:42:42 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-13 20:42:42 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-13 20:42:40 ----D---- C:\Windows\system32\nl-NL
2015-03-13 20:42:39 ----D---- C:\Windows\system32\Dism
2015-03-13 20:42:36 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-13 20:42:36 ----D---- C:\Windows\system32\Boot
2015-03-13 13:23:42 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-13 13:23:42 ----D---- C:\Windows\system32\en-US
2015-03-13 13:23:42 ----D---- C:\Program Files\Internet Explorer
2015-03-13 13:23:41 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 13:07:56 ----SHD---- C:\Windows\Installer
2015-03-13 13:07:56 ----SHD---- C:\Config.Msi
2015-03-13 13:07:52 ----D---- C:\ProgramData\Microsoft Help
2015-03-13 12:57:43 ----D---- C:\Windows\system32\MRT
2015-03-13 12:49:04 ----A---- C:\Windows\system32\MRT.exe
2015-03-13 12:45:54 ----D---- C:\Windows\system32\wdi
2015-03-11 14:59:16 ----D---- C:\Windows\system32\catroot
2015-03-10 17:32:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-03-10 17:22:49 ----D---- C:\Program Files\CCleaner
2015-03-10 14:27:58 ----A---- C:\Windows\wininit.ini
2015-03-10 12:22:26 ----A---- C:\Windows\win.ini
2015-03-10 12:09:53 ----D---- C:\Windows\Tasks
2015-03-10 11:51:53 ----HD---- C:\Windows\system32\GroupPolicy
2015-03-10 11:51:53 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-03-03 14:17:35 ----N---- C:\Windows\system32\MpSigStub.exe
2015-03-01 10:23:03 ----D---- C:\ProgramData\Citrix
2015-03-01 10:23:03 ----D---- C:\Program Files (x86)\Citrix
2015-03-01 10:22:51 ----D---- C:\Program Files (x86)\Common Files
2015-03-01 10:21:45 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2014-03-11 129944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-01-22 6233088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-01-22 161280]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-03-02 1098784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthAvrcp;Bluetooth AVRCP-profiel; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 csr_a2dp;Bluetooth AV-profiel; C:\Windows\system32\drivers\bthav.sys [2009-12-21 78848]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2015-03-15 15920]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-03-15 22704]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-04-18 37344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-01-22 202752]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
R2 hycewyxo;Reverse Word Processor; C:\Users\Inge Wapstra\AppData\Roaming\87861940-1425984793-9920-05F2-1C7508122D58\jnskE8B9.tmp [2015-03-10 179712]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-03-09 250368]
R2 sikenyhu;Earpiece Exclamation Mark; C:\Users\Inge Wapstra\AppData\Roaming\87861940-1425984793-9920-05F2-1C7508122D58\nsqB5A3.tmpfs [2015-03-10 137728]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2015-03-15 1026432]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-18 268976]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-27 867080]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [2009-10-10 238328]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-31 1255736]

-----------------EOF-----------------