Logfile of random's system information tool 1.10 (written by random/random)
Run by Dany at 2015-09-15 09:52:08
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 31 GB (39%) free of 80 GB
Total RAM: 3069 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:52:14, on 15/09/2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Windows\system32\conime.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickNotesPlus\QNPlus.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Xmarks\IE Extension\xmarkssync.exe
C:\Users\Dany\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files\Sticky Password\stpass.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\NOTEPAD.EXE
D:\Desktop\RSIT.exe
C:\Program Files\trend micro\Dany.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.telenet.be:8080
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [QNPlus] C:\Program Files\QuickNotesPlus\QNPlus.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [Xmarks] C:\Program Files\Xmarks\IE Extension\xmarkssync.exe -q
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dany\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [WinPatrol] C:\Program Files\Ruiware\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Dany\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [StickyPassword] C:\Program Files\Sticky Password\stpass.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: MailWasherPro.lnk = C:\Program Files\Firetrust\MailWasher\MailWasherPro.exe
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Clip Image - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Users\Dany\AppData\LocalLow\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Dany\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Dany\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: New Note - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O9 - Extra 'Tools' menuitem: Xmarks for IE... - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.bancopopular.es
O15 - Trusted Zone: *.belfius.be
O15 - Trusted Zone: *.dell.com
O15 - Trusted Zone: *.minfin.fgov.be
O15 - Trusted Zone: *.kbc.be
O15 - Trusted Zone: *.kbcsecurities.be
O15 - Trusted Zone: *.zoomit.be
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Chameleon Clock Set Time for Vista (ChamClock Set Time Service for Vista) - Unknown owner - C:\Program Files\Chameleon Clock\settime.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie-Soft - C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: soft Xpansion Dispatch Service (SXDS10) - soft Xpansion - C:\Program Files\Common Files\soft Xpansion\sxds10.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 12058 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3053347038-3038983606-3769375406-1000Core.job - C:\Users\Dany\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3053347038-3038983606-3769375406-1000UA.job - C:\Users\Dany\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3053347038-3038983606-3769375406-1000.job - C:\Users\Dany\AppData\Local\Citrix\GoToMeeting\3356\g2mupdate.exe
C:\Windows\tasks\G2MUploadTask-S-1-5-21-3053347038-3038983606-3769375406-1000.job - C:\Users\Dany\AppData\Local\Citrix\GoToMeeting\3356\g2mupload.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SyncBack Dag BU Doc naar S.job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Doc naar S"
C:\Windows\tasks\SyncBack Dag BU Doc naar T (verwijderde weg uit doel).job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Doc naar T (verwijderde weg uit doel)"
C:\Windows\tasks\SyncBack Dag BU Favorieten naar T.job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Favorieten naar T"
C:\Windows\tasks\SyncBack Dag BU Outlook naar Dropbox Folder bij opstart.job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Outlook naar Dropbox Folder bij opstart"
C:\Windows\tasks\SyncBack Dag BU Outlook naar S.job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Outlook naar S"
C:\Windows\tasks\SyncBack Dag BU Outlook naar T (verwijder uit doel als uit bron weg).job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Outlook naar T (verwijder uit doel als uit bron weg)"
C:\Windows\tasks\SyncBack Dag BU Recepten naar Dropbox(P).job - C:\Program Files\SyncBack\SyncBack.exe -m "Dag BU Recepten naar Dropbox(P)"
C:\Windows\tasks\SyncBack Maand BU P naar S.job - C:\Program Files\SyncBack\SyncBack.exe -m "Maand BU P naar S"
C:\Windows\tasks\SyncBack Maand BU P naar WD.job - C:\Program Files\SyncBack\SyncBack.exe -m "Maand BU P naar WD"
C:\Windows\tasks\SyncBack Wek BU D naar S.job - C:\Program Files\SyncBack\SyncBack.exe -m "Wek BU D naar S"
C:\Windows\tasks\SyncBack Wek BU D naar WD.job - C:\Program Files\SyncBack\SyncBack.exe -m "Wek BU D naar WD"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-11 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files\LastPass\LPToolbar.dll [2015-06-19 2283576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-06 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-11 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files\LastPass\LPToolbar.dll [2015-06-19 2283576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-06 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Genie TimeLine Tray"=C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe [2011-01-11 1051264]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-09-08 1361088]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-09-11 597552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QNPlus"=C:\Program Files\QuickNotesPlus\QNPlus.exe [2007-04-10 696896]
"HomeAlarm"=C:\Program Files\Chameleon Clock\ChamClock.exe [2007-12-11 709632]
"Xmarks"=C:\Program Files\Xmarks\IE Extension\xmarkssync.exe [2014-11-06 1178680]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-02-01 39408]
"OneDrive"=C:\Users\Dany\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-11 405584]
"WinPatrol"=C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [2015-05-24 1238152]
"Dropbox Update"=C:\Users\Dany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-14 134512]
"StickyPassword"=C:\Program Files\Sticky Password\stpass.exe [2015-01-19 58120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2009-10-27 365560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-30 909208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2007-10-04 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2015-09-12 6490904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]
C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [2014-01-20 370]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe -update activex []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Folder Size]
C:\Program Files\FolderSize\FolderSize.exe [2013-02-13 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 1821576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2014-12-24 578560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2014-12-24 1475952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2014-12-24 310128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivDogService]
C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-11-12 4706304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartupDelayer]
C:\Program Files\r2 Studios\Startup Delayer\Startup Delayer.exe /LaunchType=Auto /LaunchApps=Common []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword]
C:\Program Files\Sticky Password\stpass.exe [2015-01-19 58120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-09-11 597552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-30 2595616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk]
C:\PROGRA~1\COMMON~1\LPUNIN~1.EXE [2015-06-19 11873336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dany^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Keyndicate.lnk]
C:\PROGRA~1\KEYNDI~1\KEYNDI~1.EXE [2013-03-09 748061]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dany^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Portfolio2000.exe.lnk]
C:\PROGRA~1\Portfolio2000 - KBC\Portfolio2000.exe [2002-01-31 6501376]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Install LastPass FF RunOnce.lnk - C:\Program Files\Common Files\lpuninstall.exe
Install LastPass IE RunOnce.lnk - C:\Program Files\Common Files\lpuninstall.exe

C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
MailWasherPro.lnk - C:\Program Files\Firetrust\MailWasher\MailWasherPro.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2015-02-21 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"ShutdownWithoutLogon"=1
"EnableLinkedConnections"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoResolveTrack"=1
"NoFileAssociate"=0
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-15 09:50:38 ----D---- C:\rsit
2015-09-12 14:44:51 ----D---- C:\Program Files\Mozilla Firefox
2015-09-12 11:46:44 ----A---- C:\ProgramData\ntuser.dat
2015-09-11 18:56:26 ----D---- C:\Users\Dany\AppData\Roaming\Sun
2015-09-06 20:59:11 ----D---- C:\Program Files\SnipSnipSetup

======List of files/folders modified in the last 1 month======

2015-09-15 09:52:13 ----D---- C:\Program Files\Trend Micro
2015-09-15 09:50:46 ----D---- C:\Windows\Prefetch
2015-09-15 09:36:56 ----D---- C:\Windows\Temp
2015-09-15 09:36:46 ----D---- C:\Program Files\SyncBack
2015-09-15 09:36:25 ----A---- C:\Windows\system32\TempWmicBatchFile.bat
2015-09-14 19:53:51 ----D---- C:\Windows\System32
2015-09-14 19:53:51 ----D---- C:\Windows\inf
2015-09-14 19:53:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-14 18:00:20 ----D---- C:\Users\Dany\AppData\Roaming\Dropbox
2015-09-14 10:19:05 ----SHD---- C:\System Volume Information
2015-09-13 09:45:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-09-13 09:45:02 ----D---- C:\Program Files\FileZilla FTP Client
2015-09-12 21:14:36 ----D---- C:\ProgramData
2015-09-12 21:08:17 ----D---- C:\Program Files
2015-09-12 20:52:02 ----D---- C:\AdwCleaner
2015-09-12 20:06:46 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-09-12 20:06:41 ----D---- C:\Windows\system32\drivers
2015-09-12 15:33:38 ----D---- C:\Users\Dany\AppData\Roaming\KeePass
2015-09-12 12:00:15 ----D---- C:\Users\Dany\AppData\Roaming\FileZilla
2015-09-12 11:56:45 ----D---- C:\Program Files\CCleaner
2015-09-12 11:47:45 ----SHD---- C:\Windows\Installer
2015-09-12 11:46:57 ----D---- C:\Windows\system32\catroot
2015-09-11 19:12:46 ----D---- C:\ProgramData\Oracle
2015-09-11 18:57:19 ----D---- C:\Program Files\Java
2015-09-11 18:56:36 ----D---- C:\Program Files\Common Files\Java
2015-09-11 18:55:44 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-09-09 12:37:03 ----D---- C:\Program Files\MyDrive Connect
2015-09-08 18:40:51 ----D---- C:\Windows\Tasks
2015-09-07 00:12:50 ----D---- C:\Program Files\SnipSnip
2015-09-06 21:38:26 ----D---- C:\Windows\system32\catroot2
2015-09-06 21:12:45 ----D---- C:\Windows\system32\wbem
2015-09-06 21:12:45 ----D---- C:\Windows
2015-09-06 21:04:51 ----D---- C:\Windows\system32\config
2015-09-06 21:04:43 ----D---- C:\Windows\registration
2015-09-06 11:55:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-09-06 11:03:22 ----D---- C:\Program Files\COMODO
2015-09-03 13:52:03 ----A---- C:\Windows\system32\guard32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2008-06-11 129248]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2008-06-11 368544]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2008-06-11 441760]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-08-05 17064]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-08-05 627824]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-08-05 40712]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-08-05 91176]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-06-11 44384]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-12 3592704]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-09-12 23256]
R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 cpuz136;cpuz136; \??\T:\Temp\cpuz136\cpuz136_x32.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-01 45288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2010-07-15 8456]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-09-12 51928]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2011-08-01 40936]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 USBCCID;USB Smart Card reader; C:\Windows\system32\DRIVERS\usbccid.sys [2012-06-13 29184]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys []
S3 winusb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\winusb.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 catchme;catchme; \??\C:\ComboFix\catchme.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-12 675840]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ChamClock Set Time Service for Vista;Chameleon Clock Set Time for Vista; C:\Program Files\Chameleon Clock\settime.exe [2007-06-27 58880]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files\Comodo\Chromodo\chromodo_updater.exe [2015-09-09 1998520]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-09-08 4353840]
R2 CronService;Cron Service for Prey; C:\Prey\platform\windows\cronsvc.exe [2011-02-15 19968]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2013-02-13 114688]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe [2011-01-11 362624]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-02-02 5429520]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2015-05-18 93040]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2015-01-18 772296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-01-18 103608]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-06 144200]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-09-12 1133880]
S3 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-10-27 660504]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-06 269000]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-09-08 1664704]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-06 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-02-28 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-12 149160]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-12-02 74384]
S3 SXDS10;soft Xpansion Dispatch Service; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [2011-12-08 229520]
S3 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-30 492720]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-01-18 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-01-18 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-01-18 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-01-18 139944]
S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 260992]

-----------------EOF-----------------