Logfile of random's system information tool 1.10 (written by random/random) Run by rwest at 2016-01-15 16:30:52 Microsoft Windows 10 Home System drive C: has 869 GB (92%) free of 941 GB Total RAM: 8118 MB (75% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:30:59, on 15-1-2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10240.16412) Boot mode: Normal Running processes: C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\rwest.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKCU\..\Run: [OneDrive] "C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\windows\System32\SensorDataService.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11950 bytes ======Listing Processes====== C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k LocalService C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k NetworkService "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" C:\windows\system32\igfxCUIService.exe C:\windows\system32\WLANExt.exe 741894417440 \??\C:\windows\system32\conhost.exe 0x4 C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\svchost.exe -k apphost C:\windows\System32\svchost.exe -k utcsvc C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\svchost.exe -k appmodel dashost.exe {20064c1f-0b39-4bb7-ad93cf90e08606bf} "C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe" "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted taskeng.exe {1A713A3F-227C-4D77-9F6F-E07071A38937} C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c C:\windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch "C:\Program Files (x86)\Secunia\PSI\sua.exe" --service-launch C:\windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" "C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe" "C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe" -- "C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe" C:\windows\System32\WinLogon.exe -SpecialSession "dwm.exe" taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E} sihost.exe igfxEM.exe igfxHK.exe "C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe" /startup "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray "C:\Program Files (x86)\Secunia\PSI\psi_tray.exe" "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac "C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" C:\windows\system32\svchost.exe -k UnistackSvcGroup C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\SettingSyncHost.exe -Embedding "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe" /SetSchedule true "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe" /Preinstall C:\windows\system32\ApplicationFrameHost.exe -Embedding "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "fontdrvhost.exe" explorer.exe "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca "C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4820.0.541716868\314384545" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0412 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Control/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4820.2.1985808023\395175228" --font-cache-shared-handle=2520 /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Control/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4820.3.114701012\1060596199" --font-cache-shared-handle=2664 /prefetch:673131151 C:\windows\System32\svchost.exe -k WerSvcGroup "C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\windows\system32\SearchFilterHost.exe" 0 604 608 616 8192 612 "C:\Users\rwest\Downloads\RSITx64 (4).exe" ======Scheduled tasks folder====== C:\windows\tasks\ASC9_SkipUac_rwest.job - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001Core.job - C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120304455-756585421-3900323258-1001UA.job - C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\windows\tasks\HPCeeScheduleForrwest.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForrwest (null) C:\windows\tasks\Uninstaller_SkipUac_rwest.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-11-23 131064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-11-23 115192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-11-23 131064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-11-23 115192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-12-22 8522496] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-09 170256] "IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-11-17 71168] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"=C:\Users\rwest\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-15 551112] "Google Update"=C:\Users\rwest\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-16 144200] "Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2015-11-30 2010912] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056] ""= [] "PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-12-07 99064] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DSCAutomationHostEnabled"=2 "SoftwareSASGeneration"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoSimpleNetIDList"=1 "NoDriveTypeAutoRun"=221 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "vidc.i420"=iyuv_32.dll "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2016-01-15 16:30:52 ----D---- C:\rsit 2016-01-15 16:30:52 ----D---- C:\Program Files\trend micro 2016-01-15 10:25:27 ----A---- C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-14 19:09:48 ----D---- C:\Users\rwest\AppData\Roaming\pandasecuritytb 2016-01-14 19:04:50 ----A---- C:\windows\system32\drivers\PSKMAD.sys 2016-01-14 19:04:41 ----D---- C:\Program Files (x86)\pandasecuritytb 2016-01-14 19:04:33 ----A---- C:\windows\system32\drivers\PSINProt.sys 2016-01-14 19:04:33 ----A---- C:\windows\system32\drivers\PSINAflt.sys 2016-01-14 19:04:32 ----A---- C:\windows\system32\drivers\PSINReg.sys 2016-01-14 19:04:26 ----A---- C:\windows\system32\drivers\PSINProc.sys 2016-01-14 19:04:25 ----A---- C:\windows\system32\drivers\PSINKNC.sys 2016-01-14 19:04:25 ----A---- C:\windows\system32\drivers\PSINFile.sys 2016-01-14 19:04:00 ----D---- C:\Program Files (x86)\Panda Security 2016-01-14 11:06:10 ----D---- C:\Program Files (x86)\Secunia 2016-01-13 20:58:57 ----A---- C:\windows\system32\drivers\Smb_driver_Intel.sys 2016-01-13 20:44:08 ----D---- C:\Users\rwest\AppData\Roaming\Intel Corporation 2016-01-13 20:37:36 ----D---- C:\windows\system32\MRT 2016-01-13 20:37:29 ----A---- C:\windows\system32\MRT.exe 2016-01-13 20:36:53 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe 2016-01-13 20:36:15 ----A---- C:\windows\system32\Rtlihvs.dll 2016-01-13 20:36:15 ----A---- C:\windows\system32\drivers\rtwlane.sys 2016-01-13 20:36:02 ----A---- C:\windows\SYSWOW64\ISSRemoveSP.exe 2016-01-13 20:30:53 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2016-01-12 16:03:37 ----HD---- C:\$WINDOWS.~BT 2016-01-12 15:29:48 ----N---- C:\windows\system32\MpSigStub.exe 2016-01-10 14:38:41 ----D---- C:\Users\rwest\AppData\Roaming\DriverCure 2016-01-10 14:38:40 ----D---- C:\Users\rwest\AppData\Roaming\ParetoLogic 2016-01-10 14:38:32 ----D---- C:\ProgramData\ParetoLogic 2016-01-10 14:38:32 ----D---- C:\Program Files (x86)\ParetoLogic 2016-01-10 14:03:52 ----SHD---- C:\found.000 2016-01-06 20:16:49 ----ASH---- C:\pagefile.sys 2015-12-30 19:03:05 ----D---- C:\ProgramData\mquadr.at 2015-12-30 19:03:02 ----N---- C:\windows\SYSWOW64\WiFiMan.dll 2015-12-30 19:03:02 ----N---- C:\windows\system32\WiFiMan.dll 2015-12-30 16:13:15 ----D---- C:\Program Files (x86)\FrostWire 6 2015-12-27 13:12:37 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys 2015-12-27 13:12:23 ----D---- C:\ProgramData\Malwarebytes 2015-12-27 13:12:23 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-12-27 13:12:23 ----A---- C:\windows\system32\drivers\mwac.sys 2015-12-27 13:12:23 ----A---- C:\windows\system32\drivers\mbamchameleon.sys 2015-12-27 13:12:23 ----A---- C:\windows\system32\drivers\mbam.sys 2015-12-27 11:37:00 ----D---- C:\Users\rwest\AppData\Roaming\Azureus 2015-12-26 20:00:14 ----D---- C:\windows\Minidump 2015-12-24 19:19:03 ----D---- C:\ProgramData\Avira 2015-12-24 19:12:22 ----SD---- C:\windows\SYSWOW64\Microsoft 2015-12-23 19:49:44 ----D---- C:\Users\rwest\AppData\Roaming\ProductData 2015-12-23 19:49:41 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} 2015-12-23 19:48:56 ----A---- C:\windows\SYSWOW64\IObitSmartDefragExtension.dll 2015-12-23 19:48:52 ----A---- C:\windows\system32\IObitSmartDefragExtension.dll 2015-12-23 19:48:51 ----A---- C:\windows\system32\SmartDefragBootTime.exe 2015-12-23 19:48:43 ----A---- C:\windows\system32\drivers\SmartDefragDriver.sys 2015-12-22 21:00:57 ----A---- C:\windows\SYSWOW64\SRCOM.dll 2015-12-22 21:00:57 ----A---- C:\windows\SYSWOW64\SFCOM.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRSWOW64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRSTSX64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRSTSH64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRSHP64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRRPTR64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRCOM64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRCOM.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\SRAPO64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\sltech64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\slprp64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\slcnt64.dll 2015-12-22 21:00:57 ----A---- C:\windows\system32\sl3apo64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RtPgEx64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RtlCPAPI64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RTEEP64A.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RTEEL64A.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RTEEG64A.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RTEED64A.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RtDataProc64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RTCOM64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RP3DHT64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RP3DAA64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RCoRes64.dat 2015-12-22 21:00:56 ----A---- C:\windows\system32\RCoInstII64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\drivers\RTAIODAT.DAT 2015-12-22 21:00:54 ----A---- C:\windows\system32\FMAPO64.dll 2015-12-22 21:00:54 ----A---- C:\windows\system32\CX64APO.dll 2015-12-22 21:00:54 ----A---- C:\windows\system32\CONEQMSAPOGUILibrary.dll 2015-12-22 21:00:54 ----A---- C:\windows\system32\AERTAR64.dll 2015-12-22 21:00:54 ----A---- C:\windows\system32\AERTAC64.dll 2015-12-22 21:00:34 ----A---- C:\windows\system32\RtNicProp64.dll 2015-12-22 20:59:58 ----A---- C:\windows\system32\drivers\IntcDAud.sys 2015-12-22 20:59:39 ----D---- C:\Program Files\Synaptics 2015-12-22 20:59:37 ----A---- C:\windows\system32\WdfCoInstaller01011.dll 2015-12-22 20:52:05 ----D---- C:\ProgramData\ProductData 2015-12-22 20:50:42 ----D---- C:\Users\rwest\AppData\Roaming\IObit 2015-12-22 20:50:42 ----D---- C:\ProgramData\IObit 2015-12-22 20:50:42 ----A---- C:\windows\SYSWOW64\drivers\HWiNFO64A.SYS 2015-12-22 20:50:39 ----D---- C:\Program Files (x86)\IObit 2015-12-20 14:37:28 ----D---- C:\Program Files\AVAST Software 2015-12-16 16:48:32 ----D---- C:\windows\system32\SleepStudy 2015-12-16 10:06:19 ----D---- C:\Program Files\Common Files\AV ======List of files/folders modified in the last 1 month====== 2016-01-15 16:30:52 ----RD---- C:\Program Files 2016-01-15 16:23:47 ----D---- C:\windows\Temp 2016-01-15 16:23:39 ----D---- C:\windows\Prefetch 2016-01-15 16:19:52 ----D---- C:\windows\system32\sru 2016-01-15 16:19:04 ----D---- C:\windows\System32 2016-01-15 10:27:55 ----D---- C:\windows\system32\config 2016-01-15 10:25:54 ----D---- C:\Windows 2016-01-15 10:25:51 ----D---- C:\windows\CbsTemp 2016-01-15 10:25:05 ----D---- C:\windows\INF 2016-01-15 10:25:03 ----D---- C:\windows\AppReadiness 2016-01-14 19:52:39 ----D---- C:\windows\WinSxS 2016-01-14 19:51:03 ----D---- C:\windows\Microsoft.NET 2016-01-14 19:51:00 ----D---- C:\windows\debug 2016-01-14 19:05:16 ----SHD---- C:\windows\Installer 2016-01-14 19:05:14 ----D---- C:\windows\system32\drivers 2016-01-14 19:05:13 ----D---- C:\windows\system32\DriverStore 2016-01-14 19:05:08 ----D---- C:\ProgramData\panda_url_filtering 2016-01-14 19:04:41 ----RD---- C:\Program Files (x86) 2016-01-14 19:04:40 ----D---- C:\ProgramData\Panda Security 2016-01-14 19:04:36 ----D---- C:\Users\rwest\AppData\Roaming\Panda Security 2016-01-14 19:04:33 ----DC---- C:\windows\system32\DRVSTORE 2016-01-14 19:04:32 ----D---- C:\windows\system32\CatRoot 2016-01-14 19:04:01 ----RSD---- C:\windows\Fonts 2016-01-14 18:57:58 ----A---- C:\windows\system32\PerfStringBackup.INI 2016-01-14 18:51:11 ----D---- C:\windows\SYSWOW64\en-US 2016-01-14 18:51:11 ----D---- C:\windows\SYSWOW64\en-GB 2016-01-14 18:36:20 ----HD---- C:\ProgramData 2016-01-14 18:35:14 ----D---- C:\windows\Tasks 2016-01-14 18:35:14 ----D---- C:\windows\system32\Tasks 2016-01-14 11:42:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-13 20:58:39 ----SHD---- C:\System Volume Information 2016-01-13 20:46:01 ----HD---- C:\Program Files\WindowsApps 2016-01-13 20:36:53 ----D---- C:\windows\SysWOW64 2016-01-13 20:34:24 ----D---- C:\SWSETUP 2016-01-13 20:34:08 ----D---- C:\ProgramData\Intel 2016-01-13 20:34:08 ----D---- C:\Program Files\Intel 2016-01-13 20:34:08 ----D---- C:\Program Files (x86)\Common Files 2016-01-13 20:33:54 ----D---- C:\windows\SYSWOW64\drivers 2016-01-13 20:32:29 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI 2016-01-13 20:25:17 ----D---- C:\windows\system32\catroot2 2016-01-13 03:55:04 ----D---- C:\windows\system32\wbem 2016-01-13 03:54:01 ----SD---- C:\windows\SYSWOW64\F12 2016-01-13 03:54:01 ----SD---- C:\windows\system32\F12 2016-01-13 03:54:01 ----RD---- C:\windows\PurchaseDialog 2016-01-13 03:54:01 ----RD---- C:\windows\DevicesFlow 2016-01-13 03:54:01 ----D---- C:\windows\SYSWOW64\nl-NL 2016-01-13 03:54:01 ----D---- C:\windows\SYSWOW64\migration 2016-01-13 03:54:01 ----D---- C:\windows\system32\WinMetadata 2016-01-13 03:54:01 ----D---- C:\windows\system32\WinBioPlugIns 2016-01-13 03:54:01 ----D---- C:\windows\system32\SystemResetPlatform 2016-01-13 03:54:01 ----D---- C:\windows\system32\oobe 2016-01-13 03:54:01 ----D---- C:\windows\system32\nl-NL 2016-01-13 03:54:01 ----D---- C:\windows\system32\migration 2016-01-13 03:54:01 ----D---- C:\windows\system32\drivers\UMDF 2016-01-13 03:54:01 ----D---- C:\windows\system32\drivers\nl-NL 2016-01-13 03:54:01 ----D---- C:\windows\system32\CodeIntegrity 2016-01-13 03:54:01 ----D---- C:\windows\system32\Boot 2016-01-13 03:54:01 ----D---- C:\windows\system32\appraiser 2016-01-13 03:54:01 ----D---- C:\windows\Provisioning 2016-01-13 03:53:56 ----D---- C:\windows\AppPatch 2016-01-13 03:53:55 ----D---- C:\Program Files\Windows Journal 2016-01-13 03:53:55 ----D---- C:\Program Files\Internet Explorer 2016-01-13 03:53:55 ----D---- C:\Program Files (x86)\Internet Explorer 2016-01-13 03:53:42 ----D---- C:\windows\SystemResources 2016-01-13 03:53:42 ----D---- C:\windows\system32\Sysprep 2016-01-13 03:53:42 ----D---- C:\windows\servicing 2016-01-13 03:53:40 ----D---- C:\windows\Globalization 2016-01-13 03:53:38 ----D---- C:\Program Files\Common Files\microsoft shared 2016-01-13 03:50:19 ----D---- C:\windows\registration 2016-01-13 03:44:58 ----D---- C:\windows\system32\NDF 2016-01-12 16:06:20 ----D---- C:\windows\Panther 2016-01-12 16:03:35 ----D---- C:\windows\Logs 2016-01-12 15:24:56 ----D---- C:\Program Files (x86)\Windows Media Player 2016-01-12 15:19:11 ----SD---- C:\Users\rwest\AppData\Roaming\Microsoft 2016-01-10 14:04:46 ----D---- C:\windows\SoftwareDistribution 2015-12-28 14:46:27 ----D---- C:\Users\rwest\AppData\Roaming\Apple Computer 2015-12-26 19:59:04 ----D---- C:\windows\LiveKernelReports 2015-12-26 12:08:48 ----D---- C:\windows\system32\LogFiles 2015-12-26 11:33:00 ----D---- C:\ProgramData\Package Cache 2015-12-24 19:48:25 ----D---- C:\windows\SYSWOW64\LogFiles 2015-12-24 19:48:16 ----D---- C:\windows\system32\MsDtc 2015-12-24 19:48:16 ----D---- C:\windows\Hewlett-Packard 2015-12-24 19:48:16 ----D---- C:\Users\rwest\AppData\Roaming\HpUpdate 2015-12-24 19:23:11 ----D---- C:\Users\rwest\AppData\Roaming\Mozilla 2015-12-22 21:01:11 ----D---- C:\windows\SYSWOW64\RTCOM 2015-12-22 21:00:56 ----A---- C:\windows\system32\RtkCoLDR64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RtkCfg64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RtkApi64.dll 2015-12-22 21:00:56 ----A---- C:\windows\system32\RltkAPO64.dll 2015-12-22 20:44:44 ----D---- C:\windows\rescache 2015-12-22 20:40:45 ----D---- C:\windows\SYSWOW64\winrm 2015-12-22 20:40:45 ----D---- C:\windows\SYSWOW64\WCN 2015-12-22 20:40:45 ----D---- C:\windows\SYSWOW64\wbem 2015-12-22 20:40:45 ----D---- C:\windows\SYSWOW64\slmgr 2015-12-22 20:40:45 ----D---- C:\windows\SYSWOW64\Printing_Admin_Scripts 2015-12-22 20:40:45 ----D---- C:\windows\SYSWOW64\oobe 2015-12-22 20:40:43 ----SD---- C:\windows\SYSWOW64\DiagSvcs 2015-12-22 20:40:43 ----D---- C:\windows\SYSWOW64\en 2015-12-22 20:40:43 ----D---- C:\windows\SYSWOW64\drivers\UMDF 2015-12-22 20:40:43 ----D---- C:\windows\SYSWOW64\drivers\en-US 2015-12-22 20:40:43 ----D---- C:\windows\system32\winrm 2015-12-22 20:40:43 ----D---- C:\windows\system32\WCN 2015-12-22 20:40:43 ----D---- C:\windows\system32\slmgr 2015-12-22 20:40:43 ----D---- C:\windows\system32\Printing_Admin_Scripts 2015-12-22 20:40:43 ----D---- C:\windows\system32\migwiz 2015-12-22 20:40:43 ----D---- C:\windows\system32\en-US 2015-12-22 20:40:41 ----D---- C:\windows\system32\en-GB 2015-12-22 20:40:40 ----SD---- C:\windows\system32\DiagSvcs 2015-12-22 20:40:40 ----RD---- C:\windows\MiracastView 2015-12-22 20:40:40 ----RD---- C:\windows\ImmersiveControlPanel 2015-12-22 20:40:40 ----D---- C:\windows\system32\en 2015-12-22 20:40:40 ----D---- C:\windows\system32\drivers\en-US 2015-12-22 20:40:40 ----D---- C:\windows\PolicyDefinitions 2015-12-22 20:40:40 ----D---- C:\windows\IME 2015-12-22 20:40:40 ----D---- C:\windows\Help 2015-12-22 20:40:40 ----D---- C:\windows\en-US 2015-12-22 20:40:40 ----D---- C:\Program Files\Windows Photo Viewer 2015-12-22 20:40:40 ----D---- C:\Program Files\Windows Media Player 2015-12-22 20:40:40 ----D---- C:\Program Files\Windows Defender 2015-12-22 20:40:40 ----D---- C:\Program Files\Common Files\System 2015-12-22 20:40:40 ----D---- C:\Program Files (x86)\Windows Photo Viewer 2015-12-22 20:40:40 ----D---- C:\Program Files (x86)\Windows Defender 2015-12-20 18:49:25 ----RD---- C:\windows\assembly 2015-12-20 15:01:16 ----D---- C:\Program Files\Common Files\McAfee 2015-12-17 20:03:31 ----HD---- C:\windows\ELAMBKUP 2015-12-17 20:03:06 ----D---- C:\ProgramData\mcafee 2015-12-17 18:56:08 ----SD---- C:\ProgramData\Microsoft 2015-12-17 10:44:30 ----D---- C:\Program Files (x86)\McAfee 2015-12-16 16:22:57 ----D---- C:\Program Files (x86)\Google 2015-12-16 10:06:19 ----D---- C:\Program Files\Common Files 2015-12-16 09:37:52 ----D---- C:\windows\appcompat 2015-12-16 09:29:57 ----D---- C:\windows\system32\WDI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2015-11-12 1467912] R0 SmartDefragDriver;SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184] R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\windows\system32\drivers\filecrypt.sys [2015-07-10 83968] R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\windows\System32\drivers\gpuenergydrv.sys [2015-07-10 8192] R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-22 26528] R1 NNSALPC;NNSALPC; C:\windows\system32\DRIVERS\NNSALPC.sys [2015-12-10 103856] R1 NNSHTTP;NNSHTTP; C:\windows\system32\DRIVERS\NNSHTTP.sys [2015-12-10 210864] R1 NNSHTTPS;NNSHTTPS; C:\windows\system32\DRIVERS\NNSHTTPS.sys [2015-12-10 120240] R1 NNSIDS;NNSIDS; C:\windows\system32\DRIVERS\NNSIDS.sys [2015-12-10 120240] R1 NNSNAHSL;@oem140.inf,%NNSNAHSL_Desc%;Network Activity Hook Server LightWeight Filter Driver; C:\windows\system32\DRIVERS\NNSNAHSL.sys [2015-06-19 58616] R1 NNSPICC;NNSPICC; C:\windows\system32\DRIVERS\NNSPICC.sys [2015-12-10 112560] R1 NNSPIHSW;NNSPIHSW; C:\windows\system32\DRIVERS\NNSPIHSW.sys [2015-12-10 87984] R1 NNSPOP3;NNSPOP3; C:\windows\system32\DRIVERS\NNSPOP3.sys [2015-12-10 133552] R1 NNSPROT;NNSPROT; C:\windows\system32\DRIVERS\NNSPROT.sys [2015-12-10 309680] R1 NNSPRV;NNSPRV; C:\windows\system32\DRIVERS\NNSPRV.sys [2015-12-10 179632] R1 NNSSMTP;NNSSMTP; C:\windows\system32\DRIVERS\NNSSMTP.sys [2015-12-10 122800] R1 NNSSTRM;NNSSTRM; C:\windows\system32\DRIVERS\NNSSTRM.sys [2015-12-10 267184] R1 NNSTLSC;NNSTLSC; C:\windows\system32\DRIVERS\NNSTLSC.sys [2015-12-10 115632] R1 PSINKNC;PSINKNC; C:\windows\system32\DRIVERS\PSINKNC.sys [2015-12-10 207280] R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\windows\system32\drivers\mmcss.sys [2015-07-10 48128] R2 PSINAflt;PSINAflt; C:\windows\system32\DRIVERS\PSINAflt.sys [2015-12-10 173488] R2 PSINFile;PSINFile; C:\windows\system32\DRIVERS\PSINFile.sys [2015-12-10 129456] R2 PSINProc;PSINProc; C:\windows\system32\DRIVERS\PSINProc.sys [2015-12-10 133552] R2 PSINProt;PSINProt; C:\windows\system32\DRIVERS\PSINProt.sys [2015-12-10 146352] R2 PSINReg;PSINReg; C:\windows\system32\DRIVERS\PSINReg.sys [2015-12-10 117168] R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\windows\system32\drivers\storqosflt.sys [2015-07-10 61952] R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-07-27 6389688] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2015-12-22 4592384] R3 MEIx64;@oem107.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\TeeDriverW8x64.sys [2015-10-08 185600] R3 panda_url_filteringd;panda_url_filteringd driver; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [2014-03-19 51288] R3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf_amd64.sys [2015-12-01 18456] R3 rt640x64;@oem122.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\windows\System32\drivers\rt640x64.sys [2015-12-22 935168] R3 RTWlanE;@oem100.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2016-01-13 4620504] R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-01-13 33960] R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\windows\system32\DRIVERS\serscan.sys [2015-07-10 12800] S0 LSI_SAS2i;LSI_SAS2i; C:\windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800] S0 LSI_SAS3i;LSI_SAS3i; C:\windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168] S0 percsas2i;percsas2i; C:\windows\System32\drivers\percsas2i.sys [2015-07-10 58208] S0 percsas3i;percsas3i; C:\windows\System32\drivers\percsas3i.sys [2015-07-10 58720] S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\windows\System32\drivers\storufs.sys [2015-07-10 40288] S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\windows\System32\drivers\buttonconverter.sys [2015-07-10 32256] S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\windows\System32\drivers\capimg.sys [2015-07-10 116736] S3 fcvsc;fcvsc; C:\windows\System32\drivers\fcvsc.sys [2015-07-10 31232] S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\windows\System32\drivers\genericusbfn.sys [2015-07-10 20992] S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016] S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\windows\System32\drivers\ibbus.sys [2015-07-10 424800] S3 IntcDAud;@oem119.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2015-12-22 475384] S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\windows\system32\drivers\ioqos.sys [2015-07-10 26624] S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-10-05 25816] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2015-12-27 192216] S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-10-05 64216] S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376] S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\windows\System32\drivers\ndfltr.sys [2015-07-10 76128] S3 PSKMAD;PSKMAD; C:\windows\System32\DRIVERS\PSKMAD.sys [2015-06-16 62080] S3 ReFSv1;ReFSv1; C:\windows\system32\drivers\ReFSv1.sys [2015-09-10 934752] S3 RTSUER;@oem120.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\windows\system32\Drivers\RtsUer.sys [2015-12-22 407768] S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\windows\System32\Drivers\UcmCx.sys [2015-07-10 61952] S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\windows\System32\drivers\UcmUcsi.sys [2015-09-10 46080] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2015-11-04 827680] R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2015-07-10 39856] R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104] R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\windows\system32\svchost.exe [2015-07-10 39856] R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\windows\System32\svchost.exe [2015-07-10 39856] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-11-04 19440] R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-07-27 350312] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-16 207648] R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-10-09 2934048] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-16 415520] R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-12-07 142072] R2 OneSyncSvc_Session2;Host synchroniseren_Session2; C:\windows\system32\svchost.exe [2015-07-10 39856] R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2015-11-30 72952] R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-12-07 38136] R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-15 389896] R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2015-12-01 1572056] R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2015-12-01 839384] R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\windows\system32\svchost.exe [2015-07-10 39856] R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472] R3 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800] R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872] R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\windows\System32\svchost.exe [2015-07-10 39856] R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\windows\System32\svchost.exe [2015-07-10 39856] R3 panda_url_filtering;panda_url_filtering Service; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-11-06 287752] R3 PimIndexMaintenanceSvc_Session2;Contact Data_Session2; C:\windows\system32\svchost.exe [2015-07-10 39856] R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\windows\system32\svchost.exe [2015-07-10 39856] S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\windows\system32\svchost.exe [2015-07-10 39856] S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\windows\system32\svchost.exe [2015-07-10 39856] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-15 144200] S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680] S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\windows\System32\svchost.exe [2015-07-10 39856] S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\windows\system32\svchost.exe [2015-07-10 39856] S2 OneSyncSvc_Session3;Host synchroniseren_Session3; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352] S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2015-07-10 39856] S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\windows\System32\svchost.exe [2015-07-10 39856] S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-07-27 282216] S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\windows\System32\svchost.exe [2015-07-10 39856] S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136] S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\windows\System32\svchost.exe [2015-07-10 39856] S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\windows\System32\svchost.exe [2015-07-10 39856] S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-15 144200] S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-09 644880] S3 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784] S3 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-13 146888] S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\windows\system32\lsass.exe [2015-07-10 56344] S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 PimIndexMaintenanceSvc_Session3;Contact Data_Session3; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\windows\System32\svchost.exe [2015-07-10 39856] S3 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-12-22 307456] S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\windows\System32\SensorDataService.exe [2015-09-10 1031680] S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\windows\system32\svchost.exe [2015-07-10 39856] S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\windows\system32\svchost.exe [2015-07-10 39856] -----------------EOF-----------------