Logfile of random's system information tool 1.10 (written by random/random)
Run by Gebruiker at 2016-03-23 20:20:33

WIN_VISTA Service Pack 2
System drive C: has 82 GB (66%) free of 125 GB
Total RAM: 2038 MB (70% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"SystemClose"=D:\Documents\systemfile.exe []
"rec_be_192"=C:\Program Files\rec_be_192\rec_be_192.exe []
"rec_be_184"=C:\Program Files\rec_be_184\rec_be_184.exe []
"MTview"=C:\Program Files\MTV20160128\MTView.exe -mini []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-29 981688]
"mbot_be_014010212"=C:\Program Files\mbot_be_014010212\mbot_be_014010212.exe []
"LightGate"=C:\ProgramData\LightGate.exe [2015-12-04 1081344]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 1821576]
"HomePageHelper"=C:\ProgramData\HomePage.exe [2015-11-25 1100288]
"gmsd_be_005010235"=C:\Program Files\gmsd_be_005010235\gmsd_be_005010235.exe [2016-02-11 3956912]
"cessrs.exe -start"=C:\Users\Gebruiker\AppData\Roaming\UPUpdata\cessrs.exe [2016-02-29 155648]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe [2016-03-07 2094080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-07-17 6453528]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"msiql"=C:\ProgramData\msiql.exe [2016-01-26 2415616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-23 20:20:33 ----D---- C:\rsit
2016-03-23 20:20:33 ----D---- C:\Program Files\trend micro
2016-03-22 15:54:12 ----D---- C:\Users\Gebruiker\AppData\Roaming\LightGate
2016-03-22 15:51:57 ----A---- C:\Windows\system32\drivers\yk60x86.sys
2016-03-22 15:51:04 ----A---- C:\Windows\system32\NETw4r32.dll
2016-03-22 15:51:04 ----A---- C:\Windows\system32\NETw4c32.dll
2016-03-22 15:51:04 ----A---- C:\Windows\system32\drivers\NETw4v32.sys
2016-03-22 15:47:10 ----D---- C:\Program Files\DIFX
2016-03-22 15:46:54 ----D---- C:\Windows\ITECIR
2016-03-22 15:46:54 ----A---- C:\Windows\system32\drivers\itecir.sys
2016-03-22 15:46:54 ----A---- C:\Windows\system32\CIRCoInst.dll
2016-03-22 15:46:53 ----HD---- C:\Program Files\InstallShield Installation Information
2016-03-22 15:46:51 ----D---- C:\Users\Gebruiker\AppData\Roaming\InstallShield
2016-03-22 15:46:44 ----D---- C:\drivers
2016-03-14 21:05:43 ----A---- C:\ProgramData\xcgui_debug.txt
2016-03-14 20:33:20 ----ASH---- C:\hiberfil.sys
2016-03-14 20:20:28 ----A---- C:\Windows\ntbtlog.txt
2016-03-07 19:36:45 ----D---- C:\Program Files\CleanBrowser
2016-03-07 19:08:37 ----D---- C:\Windows\TempF09BDC3E-50C7-AC96-20B1-8B5608ECCA61-Signatures
2016-03-07 19:08:31 ----A---- C:\Windows\system32\drivers\{e764433c-1dc3-4660-8ad4-19c7ae7282fc}Gt.sys
2016-03-07 19:04:27 ----D---- C:\Users\Gebruiker\AppData\Roaming\talimama
2016-02-29 20:47:25 ----A---- C:\Users\Gebruiker\AppData\Roaming\GiftBag.db
2016-02-29 20:45:34 ----D---- C:\ProgramData\TXQMPC
2016-02-29 20:44:40 ----D---- C:\Program Files\Common Files\Tencent
2016-02-29 20:39:23 ----D---- C:\Program Files\Tencent
2016-02-29 20:39:05 ----D---- C:\Users\Gebruiker\AppData\Roaming\Tencent
2016-02-29 20:39:01 ----D---- C:\ProgramData\Tencent
2016-02-29 20:38:55 ----A---- C:\ProgramData\MTViewbuildmtview_316.exe
2016-02-29 20:38:37 ----RA---- C:\Yeabeats Browser.lnk
2016-02-29 20:37:50 ----A---- C:\ProgramData\HomePage.exe
2016-02-29 20:37:06 ----A---- C:\ProgramData\LightGate.exe
2016-02-29 20:36:48 ----A---- C:\ProgramData\msiql.exe
2016-02-29 20:36:25 ----D---- C:\Program Files\MTV20160128
2016-02-29 20:36:18 ----A---- C:\ProgramData\service.exe
2016-02-29 20:35:07 ----D---- C:\Users\Gebruiker\AppData\Roaming\UPUpdata
2016-02-29 20:11:32 ----D---- C:\ProgramData\Hayzumflexs
2016-02-29 20:10:43 ----A---- C:\Users\Gebruiker\AppData\Roaming\noah.dat
2016-02-29 20:10:43 ----A---- C:\Users\Gebruiker\AppData\Roaming\Main.dat
2016-02-29 20:10:41 ----A---- C:\Users\Gebruiker\AppData\Roaming\agent.dat
2016-02-29 20:10:39 ----A---- C:\Users\Gebruiker\AppData\Roaming\Uni-Lab.exe
2016-02-29 20:10:32 ----D---- C:\ProgramData\CloudPrinter
2016-02-29 20:10:31 ----A---- C:\Users\Gebruiker\AppData\Roaming\lobby.dat
2016-02-29 20:10:31 ----A---- C:\Users\Gebruiker\AppData\Roaming\ApplicationHosting.dat
2016-02-29 20:10:28 ----A---- C:\Users\Gebruiker\AppData\Roaming\SilTom.exe
2016-02-29 20:04:59 ----A---- C:\Windows\system32\drivers\{4bf99d86-1f37-4311-a79d-5136408f4421}Gt.sys

======List of files/folders modified in the last 1 month======

2016-03-23 20:20:33 ----RD---- C:\Program Files
2016-03-23 20:20:29 ----D---- C:\Windows\Temp
2016-03-23 20:18:15 ----D---- C:\Users\Gebruiker\AppData\Roaming\uTorrent
2016-03-22 15:58:54 ----D---- C:\Windows
2016-03-22 15:52:12 ----D---- C:\Windows\system32\drivers
2016-03-22 15:52:07 ----D---- C:\Windows\system32\catroot
2016-03-22 15:52:07 ----D---- C:\Windows\inf
2016-03-22 15:51:22 ----D---- C:\Windows\System32
2016-03-14 21:05:43 ----HD---- C:\ProgramData
2016-03-14 20:42:37 ----SD---- C:\Users\Gebruiker\AppData\Roaming\Microsoft
2016-03-14 20:42:36 ----SD---- C:\ProgramData\Microsoft
2016-03-12 00:43:34 ----D---- C:\Users\Gebruiker\AppData\Roaming\BitTorrent
2016-03-12 00:43:06 ----D---- C:\Windows\SoftwareDistribution
2016-03-11 22:31:11 ----D---- C:\Users\Gebruiker\AppData\Roaming\vlc
2016-03-11 22:15:45 ----D---- C:\Program Files\Sharp Angle
2016-03-07 22:39:05 ----A---- C:\Windows\win.ini
2016-03-07 21:01:30 ----D---- C:\Program Files\60602E55-1455229961-A324-B79C-4E45435F4349
2016-03-07 20:36:54 ----D---- C:\Windows\Prefetch
2016-03-07 19:41:41 ----SHD---- C:\System Volume Information
2016-03-07 19:17:00 ----SHD---- C:\Windows\Installer
2016-03-07 19:04:27 ----D---- C:\Program Files\rec_be_192
2016-03-07 19:03:41 ----D---- C:\Program Files\rec_be_184
2016-02-29 20:52:25 ----D---- C:\Windows\system32\Tasks
2016-02-29 20:47:44 ----D---- C:\Program Files\mbot_be_014010212
2016-02-29 20:44:52 ----RSD---- C:\Windows\Fonts
2016-02-29 20:44:40 ----D---- C:\Program Files\Common Files
2016-02-29 20:39:33 ----D---- C:\Windows\winsxs
2016-02-29 20:20:57 ----D---- C:\Windows\Tasks
2016-02-29 20:20:52 ----D---- C:\Program Files\RCP
2016-02-29 20:20:50 ----D---- C:\Users\Gebruiker\AppData\Roaming\systweak

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 354840]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R1 {117feb5f-3af6-434f-bdc0-9568483a3ec2}Gt;{117feb5f-3af6-434f-bdc0-9568483a3ec2}Gt; C:\Windows\system32\drivers\{117feb5f-3af6-434f-bdc0-9568483a3ec2}Gt.sys [2016-02-16 55824]
R1 {3ddc039a-2c4d-47e1-99a5-3a33888ac872}Gt;{3ddc039a-2c4d-47e1-99a5-3a33888ac872}Gt; C:\Windows\system32\drivers\{3ddc039a-2c4d-47e1-99a5-3a33888ac872}Gt.sys [2016-02-22 55824]
R1 {4bf99d86-1f37-4311-a79d-5136408f4421}Gt;{4bf99d86-1f37-4311-a79d-5136408f4421}Gt; C:\Windows\system32\drivers\{4bf99d86-1f37-4311-a79d-5136408f4421}Gt.sys [2016-02-29 55824]
R1 {e764433c-1dc3-4660-8ad4-19c7ae7282fc}Gt;{e764433c-1dc3-4660-8ad4-19c7ae7282fc}Gt; C:\Windows\system32\drivers\{e764433c-1dc3-4660-8ad4-19c7ae7282fc}Gt.sys [2016-03-07 55824]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-09-15 44544]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2009-09-23 46592]
R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 NETw4v32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 10533152]
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-23 285184]
S0 MPCBase;MPCBase; C:\Windows\System32\drivers\MPCBase.sys []
S1 MPCKpt;MPCKpt; C:\Windows\system32\DRIVERS\MPCKpt.sys []
S1 QMUdisk;tencent QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17201.218\QMUdisk.sys []
S1 softaal;softaal; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17201.218\softaal.sys []
S2 tsnethlp;TsNetHlp.sys; \??\C:\Program Files\Tencent\QQPCMgr\11.3.17201.218\TsNetHlp.sys []
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2011-08-01 40936]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
S2 wucotusy;Free Space Decimal Point; C:\Program Files\60602E55-1455229961-A324-B79C-4E45435F4349\hnshF115.tmp []
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S4 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S4 ggbugreport;ggbugreport; C:\Program Files\SearchesToYesbnd\bugreport.exe [2016-02-05 1588408]
S4 GoogleChromeUpService;GoogleChromeUpService; C:\ProgramData\service.exe [2016-02-29 1734656]
S4 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S4 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03 144200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 668104]
S4 quxizobyzbt;Ring Topology Stop; C:\Program Files\60602E55-1455229961-A324-B79C-4E45435F4349\knsu5240.tmp [2016-02-16 184320]
S4 Update Sharp Angle;Update Sharp Angle; C:\Program Files\Sharp Angle\updateSharpAngle.exe [2016-03-07 656112]
S4 Util Sharp Angle;Util Sharp Angle; C:\Program Files\Sharp Angle\bin\utilSharpAngle.exe [2016-03-07 656112]
S4 Winsere;Winsere; C:\Program Files\Winsere\Winsere\Winsere.exe [2016-02-03 302776]
S4 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 zutuzuni;Replicate Exit; C:\Program Files\60602E55-1455229961-A324-B79C-4E45435F4349\jnsxD95F.tmp [2016-02-11 307712]

-----------------EOF-----------------