Logfile of random's system information tool 1.10 (written by random/random) Run by Mira at 2015-10-25 09:40:36 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 130 GB (38%) free of 343 GB Total RAM: 3977 MB (30% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:40:55, on 25/10/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.18057) Boot mode: Normal Running processes: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\Users\Mira\AppData\Local\Dropbox\Update\DropboxUpdate.exe C:\Users\Mira\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe C:\windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\windows\SysWOW64\cmd.exe C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Mira\Downloads\RSIT.exe C:\Users\Mira\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Mira.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/5 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files 
(x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Mira\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Mira\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAH\FAHConsole.exe O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files 
(x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: McAfee Application Installer Cleanup (0250081445678069) (0250081445678069mcinstcleanup) - McAfee, Inc. - C:\windows\TEMP\025008~1.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. 
- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing) O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 
- Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. 
- C:\windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15850 bytes ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-3102891605-829722875-464236951-1001Core.job - C:\Users\Mira\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-3102891605-829722875-464236951-1001UA.job - C:\Users\Mira\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}] File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29 153768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-21 707800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-09-15 1733240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088] "PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-03-07 684024] "QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360] ""= [] "USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608] "DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456] "HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-16 184704] "BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032] "File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Dropbox Update"=C:\Users\Mira\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-03 136048] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup FAH.lnk - C:\Program Files (x86)\WinZip\FAH\FAHConsole.exe WinZip Preloader.lnk - C:\Program Files (x86)\WinZip\WzPreloader.exe 
C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Mira\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP] C:\windows\system32\DeviceNP.dll [2012-11-19 75648] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=DPPassFilter scecli [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoRun"=0 "NoFolderOptions"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-10-25 09:40:37 ----D---- C:\Program Files (x86)\trend micro 2015-10-25 09:40:36 ----D---- 
C:\rsit 2015-10-14 13:23:29 ----A---- C:\windows\SysWOW64\shell32.dll 2015-10-14 13:23:28 ----A---- C:\windows\SysWOW64\ExplorerFrame.dll 2015-10-14 13:23:05 ----A---- C:\windows\SysWOW64\ntoskrnl.exe 2015-10-14 13:23:05 ----A---- C:\windows\SysWOW64\ntkrnlpa.exe 2015-10-14 13:23:02 ----A---- C:\windows\SysWOW64\kernel32.dll 2015-10-14 13:23:00 ----A---- C:\windows\SysWOW64\schannel.dll 2015-10-14 13:23:00 ----A---- C:\windows\SysWOW64\ntdll.dll 2015-10-14 13:23:00 ----A---- C:\windows\SysWOW64\msv1_0.dll 2015-10-14 13:23:00 ----A---- C:\windows\SysWOW64\kerberos.dll 2015-10-14 13:22:59 ----A---- C:\windows\SysWOW64\wdigest.dll 2015-10-14 13:22:59 ----A---- C:\windows\SysWOW64\TSpkg.dll 2015-10-14 13:22:59 ----A---- C:\windows\SysWOW64\ncrypt.dll 2015-10-14 13:22:55 ----A---- C:\windows\SysWOW64\srclient.dll 2015-10-14 13:22:55 ----A---- C:\windows\SysWOW64\setup16.exe 2015-10-14 13:22:55 ----A---- C:\windows\SysWOW64\cryptbase.dll 2015-10-14 13:22:55 ----A---- C:\windows\SysWOW64\auditpol.exe 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-14 13:22:54 
----AH---- C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-10-14 13:22:54 ----AH---- C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\wow32.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\sspicli.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\secur32.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\rpcrt4.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\ntvdm64.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\KernelBase.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\instnm.exe 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\credssp.dll 2015-10-14 13:22:54 ----A---- C:\windows\SysWOW64\apisetschema.dll 2015-10-14 13:22:53 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-10-14 13:22:53 ----AH---- 
C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-10-14 13:22:53 ----A---- C:\windows\SysWOW64\user.exe 2015-10-14 13:22:53 ----A---- C:\windows\SysWOW64\adtschema.dll 2015-10-14 13:22:52 ----A---- C:\windows\SysWOW64\msobjs.dll 2015-10-14 13:22:52 ----A---- C:\windows\SysWOW64\msaudite.dll 2015-10-14 13:22:34 ----A---- C:\windows\SysWOW64\wuwebv.dll 2015-10-14 13:22:34 ----A---- C:\windows\SysWOW64\wuapi.dll 2015-10-14 13:22:33 ----A---- C:\windows\SysWOW64\wups.dll 2015-10-14 13:22:33 ----A---- C:\windows\SysWOW64\wudriver.dll 2015-10-14 13:22:33 ----A---- C:\windows\SysWOW64\wuapp.exe 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\vbscript.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\urlmon.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\occache.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\mshtmled.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\MshtmlDac.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\ieetwproxystub.dll 2015-10-14 13:22:18 ----A---- C:\windows\SysWOW64\iedkcs32.dll 2015-10-14 13:22:17 ----A---- C:\windows\SysWOW64\mshtml.dll 2015-10-14 13:22:17 ----A---- C:\windows\SysWOW64\msfeeds.dll 2015-10-14 13:22:17 ----A---- C:\windows\SysWOW64\dxtrans.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\jsproxy.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\jscript9diag.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\jscript.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\ieui.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\iesetup.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\iertutil.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\iernonce.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\ieframe.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\ieapfltr.dll 2015-10-14 13:22:16 ----A---- C:\windows\SysWOW64\dxtmsft.dll 2015-10-14 13:22:14 ----A---- 
C:\windows\SysWOW64\wininet.dll
2015-10-14 13:22:14 ----A---- C:\windows\SysWOW64\webcheck.dll
2015-10-14 13:22:14 ----A---- C:\windows\SysWOW64\msrating.dll
2015-10-14 13:22:14 ----A---- C:\windows\SysWOW64\mshtmlmedia.dll
2015-10-14 13:22:14 ----A---- C:\windows\SysWOW64\jscript9.dll
2015-10-14 13:22:14 ----A---- C:\windows\SysWOW64\ieUnatt.exe
2015-10-14 13:21:46 ----A---- C:\windows\SysWOW64\appidapi.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 13:21:21 ----A---- C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\ucrtbase.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 13:21:20 ----A---- C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll

======List of files/folders modified in the last 1 month======

2015-10-25 09:40:52 ----D---- C:\windows\Temp
2015-10-25 09:40:49 ----D---- C:\windows\Prefetch
2015-10-25 09:40:37 ----RD---- C:\Program Files (x86)
2015-10-24 11:00:25 ----D---- C:\windows\rescache
2015-10-24 10:54:01 ----SHD---- C:\System Volume Information
2015-10-24 10:13:56 ----D---- C:\Program Files (x86)\McAfee
2015-10-23 13:09:52 ----D---- C:\windows\System32
2015-10-23 13:09:51 ----D---- C:\windows\inf
2015-10-23 10:45:01 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-23 08:28:51 ----A---- C:\windows\SysWOW64\log.txt
2015-10-23 08:28:39 ----D---- C:\Users\Mira\AppData\Roaming\Dropbox
2015-10-23 08:25:13 ----D---- C:\ProgramData\PDFC
2015-10-23 08:24:30 ----A---- C:\windows\SysWOW64\bscs.ini
2015-10-19 19:32:29 ----RSD---- C:\windows\assembly
2015-10-19 17:01:03 ----D---- C:\windows\winsxs
2015-10-19 17:00:54 ----D---- C:\windows\AppPatch
2015-10-16 15:33:32 ----D---- C:\windows\SysWOW64\nl-NL
2015-10-16 15:33:32 ----D---- C:\windows\SysWOW64\en-US
2015-10-16 15:33:32 ----D---- C:\windows\SysWOW64
2015-10-16 15:33:31 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 15:09:08 ----SHD---- C:\windows\Installer
2015-10-16 15:08:47 ----D---- C:\ProgramData\Microsoft Help
2015-10-16 15:04:26 ----A---- C:\windows\win.ini
2015-10-09 06:56:59 ----SD---- C:\windows\SysWOW64\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys []
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys []
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys []
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\SysWOW64\drivers\MfeEpeOpal.sys []
R0 MfeEpePc;MfeEpePc; C:\windows\SysWOW64\drivers\MfeEpePc.sys []
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys []
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys []
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\windows\System32\Drivers\BtAudioBus.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys []
R3 mfeaack;McAfee Inc. mfeaack; C:\windows\system32\drivers\mfeaack.sys []
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys []
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys []
R3 mfencbdc;McAfee Inc. mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys []
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2015-09-22 37960]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys []
R3 rtbth;RTBTH Bluetooth Device Driver; C:\windows\system32\DRIVERS\rtbth.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys []
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys []
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\windows\System32\Drivers\BtL2caScoIf.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys []
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\windows\System32\Drivers\IvtUrbBtFlt.sys []
S3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys []
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys []
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys []
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys []
S3 mfeavfk01;McAfee Inc.; \Device\mfeavfk01.sys []
S3 mfencrk;McAfee Inc. mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys []
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys []
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-14 1578496]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe []
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-03-22 1327104]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2015-09-22 157928]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-08-21 782608]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [2015-07-23 1694152]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2015-07-06 373704]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe []
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-03-07 1134584]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-10-10 966336]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-04-05 498352]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2325584]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-14 138752]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-16 1420160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-01-23 5132888]
S2 0250081445678069mcinstcleanup;McAfee Application Installer Cleanup (0250081445678069); C:\windows\TEMP\025008~1.EXE [2015-05-04 883024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-23 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-11-19 477056]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe /V []
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2015-07-17 639456]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-06-29 232656]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------