Logfile of random's system information tool 1.10 (written by random/random)
Run by Paul at 2015-10-19 19:11:44
Microsoft Windows XP Professional Service Pack 3
System drive C: has 159 GB (86%) free of 185 GB
Total RAM: 1014 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:08, on 19/10/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\SvcHost.exe
c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Program Files\Opera\32.0.1948.69\opera.exe
C:\Documents and Settings\Paul\Mijn documenten\RSIT.exe
C:\Program Files\trend micro\Paul.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
O4 - HKLM\..\Run: [BullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O20 - AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 5202 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1443177067.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\98tjfgal.default

prefs.js - "browser.startup.homepage" - "http://ereporter.concentra.be"

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"antiphishing@bullguard"=C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2015-10-12 2081832]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-08-20 6490904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\SYSTEM32\igfxdev.dll [2011-12-23 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\SYSTEM32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableVirtualization"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-10-19 19:11:46 ----D---- C:\Program Files\trend micro
2015-10-19 19:11:44 ----D---- C:\rsit
2015-10-16 16:51:58 ----D---- C:\Documents and Settings\Paul\Application Data\AVG
2015-10-16 16:50:00 ----D---- C:\Documents and Settings\All Users\Application Data\Avg
2015-10-16 16:49:57 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2015-10-16 16:45:53 ----D---- C:\Program Files\commview
2015-10-10 20:40:49 ----A---- C:\WINDOWS\system32\muweb.dll
2015-10-10 12:05:29 ----D---- C:\progamma'spat
2015-10-09 13:30:58 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2015-10-09 03:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2015-10-09 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2015-10-09 03:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2015-10-09 03:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2934207$
2015-10-09 02:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2015-10-09 02:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2015-10-09 02:57:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$
2015-10-09 02:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2015-10-09 02:55:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$
2015-10-09 02:55:13 ----D---- C:\Program Files\Common Files\DESIGNER
2015-10-09 02:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2015-10-09 02:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2015-10-09 02:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2015-10-09 02:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2015-10-09 02:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2015-10-09 02:12:23 ----N---- C:\WINDOWS\system32\xp_eos.exe
2015-10-08 20:42:58 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-10-08 20:27:37 ----D---- C:\Documents and Settings\Paul\Application Data\Simply Super Software
2015-10-08 19:20:33 ----A---- C:\WINDOWS\system32\SET28F.tmp
2015-10-08 19:20:33 ----A---- C:\WINDOWS\system32\SET275.tmp
2015-10-08 19:20:33 ----A---- C:\WINDOWS\system32\SET233.tmp
2015-10-08 19:20:33 ----A---- C:\WINDOWS\system32\SET20E.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET285.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET284.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET277.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET276.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET21F.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET21D.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET212.tmp
2015-10-08 19:20:32 ----A---- C:\WINDOWS\system32\SET210.tmp
2015-10-08 19:20:31 ----A---- C:\WINDOWS\system32\SET286.tmp
2015-10-08 19:20:31 ----A---- C:\WINDOWS\system32\SET221.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET28E.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET28D.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET28A.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET287.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET278.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET231.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET22F.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET229.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET223.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\SET214.tmp
2015-10-08 19:20:30 ----A---- C:\WINDOWS\system32\igfxCoIn_v5218.dll
2015-10-08 19:04:06 ----D---- C:\Documents and Settings\All Users\Application Data\DriverGenius
2015-10-08 17:38:34 ----D---- C:\Program Files\DriverToolkit
2015-10-08 15:13:34 ----D---- C:\Program Files\CCleaner
2015-10-08 14:05:24 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2015-10-08 14:05:22 ----D---- C:\Program Files\VS Revo Group
2015-10-08 13:49:27 ----D---- C:\Documents and Settings\All Users\Application Data\VS Revo Group
2015-10-07 19:46:30 ----D---- C:\Program Files\HitmanPro
2015-10-07 19:45:52 ----D---- C:\Documents and Settings\All Users\Application Data\HitmanPro
2015-10-07 17:59:39 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2015-10-07 17:59:39 ----A---- C:\WINDOWS\system32\deployJava1.dll
2015-10-07 17:59:02 ----D---- C:\Program Files\Common Files\Java
2015-10-07 17:57:03 ----D---- C:\Documents and Settings\All Users\Application Data\Oracle
2015-10-07 17:54:45 ----D---- C:\Documents and Settings\All Users\Application Data\Ashampoo
2015-10-07 17:11:33 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-10-07 17:10:46 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-10-07 17:10:46 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-10-07 17:10:45 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-10-07 17:10:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-10-06 20:09:21 ----D---- C:\Documents and Settings\Paul\Application Data\TeamViewer
2015-10-06 20:09:02 ----D---- C:\Program Files\TeamViewer
2015-09-25 12:31:37 ----D---- C:\Documents and Settings\Paul\Application Data\Opera Software
2015-09-25 12:30:40 ----D---- C:\Program Files\Opera

======List of files/folders modified in the last 1 month======

2015-10-19 19:12:02 ----D---- C:\WINDOWS\Prefetch
2015-10-19 19:11:46 ----RD---- C:\Program Files
2015-10-19 19:11:16 ----D---- C:\Documents and Settings\All Users\Application Data\BullGuard
2015-10-19 19:10:03 ----D---- C:\WINDOWS\system32
2015-10-19 19:01:41 ----D---- C:\WINDOWS\temp
2015-10-19 10:06:42 ----D---- C:\WINDOWS\system32\drivers
2015-10-19 10:05:32 ----D---- C:\WINDOWS\system32\CatRoot2
2015-10-18 23:50:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-10-18 16:51:08 ----D---- C:\WINDOWS
2015-10-18 08:38:41 ----D---- C:\Config.Msi
2015-10-17 17:27:10 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-17 15:20:48 ----SHD---- C:\WINDOWS\Installer
2015-10-16 17:11:44 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2015-10-16 16:52:30 ----D---- C:\WINDOWS\system32\config
2015-10-15 22:28:26 ----D---- C:\WINDOWS\Minidump
2015-10-15 22:28:26 ----D---- C:\WINDOWS\Debug
2015-10-15 01:27:27 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-10-15 01:25:59 ----D---- C:\WINDOWS\system32\MRT
2015-10-15 01:18:02 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-12 16:25:57 ----HD---- C:\WINDOWS\inf
2015-10-12 16:19:04 ----A---- C:\WINDOWS\system32\BGLsp.dll
2015-10-12 16:19:03 ----A---- C:\WINDOWS\system32\BgGamingMonitor.dll
2015-10-10 12:46:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-10-10 00:41:51 ----D---- C:\Documents and Settings\Paul\Application Data\HPAppData
2015-10-09 11:48:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2015-10-09 08:46:22 ----SD---- C:\WINDOWS\Tasks
2015-10-09 08:45:54 ----D---- C:\Program Files\Microsoft Silverlight
2015-10-09 03:02:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2015-10-09 02:57:31 ----RSD---- C:\WINDOWS\assembly
2015-10-09 02:55:59 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-09 02:55:13 ----D---- C:\Program Files\Common Files
2015-10-09 02:51:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-09 02:50:47 ----D---- C:\WINDOWS\WinSxS
2015-10-09 02:12:15 ----D---- C:\WINDOWS\system32\CatRoot
2015-10-08 23:08:36 ----D---- C:\WINDOWS\SoftwareDistribution
2015-10-08 22:39:49 ----D---- C:\Documents and Settings\Paul\Application Data\Ahead
2015-10-08 21:35:02 ----D---- C:\WINDOWS\system32\Restore
2015-10-08 19:22:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
2015-10-08 19:20:30 ----DC---- C:\WINDOWS\system32\DRVSTORE
2015-10-07 18:34:49 ----D---- C:\Program Files\Java
2015-10-07 18:34:26 ----D---- C:\Program Files\Mozilla Firefox
2015-10-07 17:58:05 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-10-07 17:43:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2015-10-07 17:23:48 ----D---- C:\Documents and Settings\Paul\Application Data\Mozilla
2015-10-06 20:09:23 ----RSD---- C:\WINDOWS\Fonts
2015-10-01 13:49:33 ----D---- C:\Documents and Settings\Paul\Application Data\HpUpdate
2015-09-24 11:24:03 ----D---- C:\Program Files\HP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 BdAgent;BullGuard Security Agent; C:\WINDOWS\system32\DRIVERS\BdAgent.sys [2015-01-21 100944]
R1 BdSpy;BdSpy; C:\WINDOWS\system32\drivers\BdSpy.sys [2015-10-12 67088]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\WINDOWS\system32\DRIVERS\NSKernel.sys [2015-08-19 822456]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\WINDOWS\system32\DRIVERS\NSNetmon.sys [2015-08-19 20216]
R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2011-12-23 12672]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2015-06-15 32928]
R3 afwcore;afwcore; C:\WINDOWS\system32\DRIVERS\afwcore.sys [2015-06-15 277152]
R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2011-12-23 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2011-12-23 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-01-13 1730272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-12-23 4424192]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]
R3 NETw4x32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2011-12-23 2206976]
R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NSCIRDA;Stuurprogramma voor NSC-infraroodapparaat; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 Rasirda;WAN-minipoort (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2011-12-23 290816]
R3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2015-10-12 422664]
R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2011-12-23 730112]
S3 catchme;catchme; \??\C:\DOCUME~1\Paul\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-08-05 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-05 21568]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BsBackup;BullGuard backup service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]
R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2015-10-14 542760]
R2 BsCache;BullGuard CODS service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]
R2 BsFileScan;BullGuard on-access service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]
R2 BsFire;BullGuard firewall service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]
R2 BsMain;BullGuard main service; C:\WINDOWS\System32\SvcHost.exe [2008-04-14 14336]
R2 BsScanner;BullGuard scanning service; c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2015-10-12 240680]
R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2015-10-12 342568]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2015-10-10 106248]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Infraroodmonitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-05 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-05 144200]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-15 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 ‮etadpug;Google Update Service (gupdate); C:\Program Files\Google\Desktop\Install\{01ebdb1c-2f4e-b807-587a-d393259925f0}\ \ \‮ﯹ๛\{01ebdb1c-2f4e-b807-587a-d393259925f0}\GoogleUpdate.exe < []
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

-----------------EOF-----------------