Logfile of random's system information tool 1.10 (written by random/random) Run by Charlie at 2016-08-04 17:17:49 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 218 GB (30%) free of 715 GB Total RAM: 16361 MB (92% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:17:50, on 4/08/2016 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Charlie.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-006&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local; R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O2 - BHO: DownloadHelper Class - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} - http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9441 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE ctfmon.exe C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1196 CREDAT:996392 /prefetch:2 C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1196 CREDAT:996461 /prefetch:2 "C:\Users\Charlie\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006" prefs.js - "keyword.URL" - "https://www.google.com/search?trackid=sp-006" "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 22.0.0.209 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.9\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@otee.dk/UnityWebPlayer] "Description"=Unity Web Player "Path"=C:\Program Files (x86)\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 22.0.0.209 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default\searchplugins\ avg-secure-search.xml google-avast.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-29 952952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF2573AE-E1ED-40e1-83BA-F544CB2EE135}] DownloadHelper Class - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelperx64.dll [2012-12-11 945800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22 857792] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22 462400] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-29 716632] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22 173120] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF2573AE-E1ED-40e1-83BA-F544CB2EE135}] DownloadHelper Class - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll [2012-12-11 657544] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22 755392] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-30 2328360] "THXCfg64"=C:\Windows\system32\THXCfg64.dll [2010-09-14 25600] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-30 11663464] "Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "EnableAero"=winsat formal -xml log.xml [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2011-03-13 1475584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe --startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-11-01 7943072] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2014-04-30 113288] "THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-11-01 1374720] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440] "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-03 9071752] "PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-08-02 71440] "Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-02 58640] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-19 336384] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "SoftwareSASGeneration"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2016-11-03 18:50:34 ----D---- C:\Users\Charlie\AppData\Roaming\PlaysTV 2016-11-03 18:49:28 ----D---- C:\Program Files (x86)\Raptr Inc 2016-11-03 18:43:12 ----A---- C:\Windows\system32\aswBoot.exe 2016-11-03 18:42:58 ----A---- C:\Windows\avastSS.scr 2016-11-01 15:45:21 ----D---- C:\Program Files (x86)\Unigine 2016-11-01 15:43:43 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll 2016-11-01 15:43:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll 2016-11-01 15:43:43 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll 2016-11-01 15:43:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll 2016-11-01 15:43:43 ----A---- C:\Windows\system32\XAudio2_7.dll 2016-11-01 15:43:43 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2016-11-01 15:43:43 ----A---- C:\Windows\system32\xactengine3_7.dll 2016-11-01 15:43:43 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll 2016-11-01 15:43:42 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\system32\D3DX9_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\system32\d3dx9_31.dll 2016-11-01 15:43:42 ----A---- C:\Windows\system32\d3dx11_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\system32\d3dx10_43.dll 2016-11-01 15:43:42 ----A---- C:\Windows\system32\d3dcsx_43.dll 2016-11-01 15:43:40 ----D---- C:\Program Files (x86)\Futuremark 2016-11-01 15:42:02 ----D---- C:\Program Files\Futuremark 2016-11-01 15:36:44 ----D---- C:\Program Files (x86)\Geeks3D 2016-08-04 17:13:50 ----D---- C:\rsit 2016-08-04 17:13:50 ----D---- C:\Program Files\trend micro 2016-08-03 19:24:24 ----D---- C:\Program Files (x86)\AMD APP 2016-08-03 19:23:48 ----D---- C:\Windows\LastGood.Tmp 2016-08-03 19:23:36 ----D---- C:\Program Files (x86)\ATI Technologies 2016-08-03 19:23:27 ----D---- C:\Program Files\ATI 2016-08-03 19:22:40 ----D---- C:\Program Files\ATI Technologies 2016-08-03 19:15:41 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll 2016-08-03 19:15:41 ----A---- C:\Windows\SYSWOW64\atiumdva.dll 2016-08-03 19:15:41 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll 2016-08-03 19:15:41 ----A---- C:\Windows\SYSWOW64\atiumdag.dll 2016-08-03 19:15:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys 2016-08-03 19:15:41 ----A---- C:\Windows\system32\coinst.dll 2016-08-03 19:15:41 ----A---- C:\Windows\system32\atiuxp64.dll 2016-08-03 19:15:41 ----A---- C:\Windows\system32\atiumd6v.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atipblag.dat 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atioglxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atimpc32.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atigktxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atidxx32.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\aticfx32.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\aticalrt.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\aticaldd.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\aticalcl.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\drivers\atikmpag.sys 2016-08-03 19:15:40 ----A---- C:\Windows\system32\drivers\atikmdag.sys 2016-08-03 19:15:40 ----A---- C:\Windows\system32\drivers\ati2erec.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiumd6a.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiumd64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiu9p64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atitmm64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atipdl64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atipblag.dat 2016-08-03 19:15:40 ----A---- C:\Windows\system32\ATIODE.exe 2016-08-03 19:15:40 ----A---- C:\Windows\system32\ATIODCLI.exe 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atio6axx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atimuixx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atimpc64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiicdxx.dat 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiglpxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atig6txx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atig6pxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiesrxx.exe 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiedu64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atieclxx.exe 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atidxx64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\ATIDEMGX.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\aticfx64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\aticalrt64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\aticaldd64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\aticalcl64.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atibtmon.exe 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiapfxx.exe 2016-08-03 19:15:40 ----A---- C:\Windows\system32\atiadlxx.dll 2016-08-03 19:15:40 ----A---- C:\Windows\system32\amdpcom64.dll 2016-08-03 18:27:08 ----D---- C:\Users\Charlie\AppData\Roaming\ATI 2016-08-03 18:20:49 ----D---- C:\AMD ======List of files/folders modified in the last 1 month====== 2016-11-03 18:53:58 ----D---- C:\Windows\system32\Tasks 2016-11-03 18:50:09 ----D---- C:\Program Files (x86)\Raptr 2016-11-03 18:43:23 ----D---- C:\Windows\winsxs 2016-11-03 17:47:26 ----D---- C:\Windows\system32\catroot2 2016-11-01 15:52:33 ----D---- C:\Program Files\SUPERAntiSpyware 2016-11-01 15:43:41 ----D---- C:\Windows\Logs 2016-11-01 15:43:40 ----D---- C:\ProgramData\Package Cache 2016-08-04 17:14:58 ----D---- C:\Windows\System32 2016-08-04 17:14:58 ----D---- C:\Windows\inf 2016-08-04 17:14:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2016-08-04 17:13:50 ----RD---- C:\Program Files 2016-08-04 17:11:53 ----A---- C:\Windows\ntbtlog.txt 2016-08-03 19:25:09 ----D---- C:\Windows 2016-08-03 19:24:41 ----D---- C:\Windows\system32\catroot 2016-08-03 19:24:40 ----A---- C:\Windows\SYSWOW64\log.txt 2016-08-03 19:24:25 ----SHD---- C:\Windows\Installer 2016-08-03 19:24:25 ----D---- C:\Windows\SysWOW64 2016-08-03 19:24:24 ----RD---- C:\Program Files (x86) 2016-08-03 19:23:57 ----D---- C:\Windows\Temp 2016-08-03 19:23:55 ----D---- C:\Windows\system32\drivers 2016-08-03 19:23:54 ----D---- C:\Windows\system32\DriverStore 2016-08-03 19:21:59 ----D---- C:\Users\Charlie\AppData\Roaming\Raptr 2016-08-03 19:18:08 ----D---- C:\Program Files\Common Files 2016-08-03 19:18:08 ----D---- C:\Program Files (x86)\Common Files 2016-08-03 19:17:54 ----D---- C:\Windows\Microsoft.NET 2016-08-03 19:17:52 ----HD---- C:\ProgramData 2016-08-03 18:12:52 ----SHD---- C:\System Volume Information 2016-07-30 19:24:47 ----D---- C:\Users\Charlie\AppData\Roaming\vlc 2016-07-25 20:35:36 ----D---- C:\Windows\system32\config 2016-07-16 23:49:08 ----D---- C:\Windows\Prefetch 2016-07-14 21:54:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2016-07-14 19:03:32 ----D---- C:\Program Files (x86)\Internet Explorer 2016-07-12 18:54:05 ----D---- C:\Windows\system32\Macromed 2016-07-12 18:54:04 ----D---- C:\Windows\SYSWOW64\Macromed ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-03-13 213888] R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-03 37144] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-03 103064] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-03-13 514560] R1 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2015-08-26 53312] R1 PSSDKLBF;PSSDKLBF; \??\C:\Windows\system32\Drivers\pssdklbf.sys [2015-08-26 65600] R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2014-04-30 132624] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2014-04-30 56344] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2014-04-30 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2014-04-30 181248] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-30 1393200] S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-03 74544] S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-03 292704] S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-03 968536] S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-03 513496] S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-03 37656] S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-03 108816] S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-03 163416] S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [] S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-19 9319936] S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-19 306176] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-16 115216] S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-03-13 71168] S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-04-19 22704] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-30 2657000] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-03-13 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2011-03-13 20992] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-03-13 6656] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-03-13 109056] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-03-13 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-03-13 88960] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\DRIVERS\terminpt.sys [2011-03-13 34816] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2011-03-13 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\DRIVERS\TsUsbGD.sys [2011-03-13 31232] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-03-13 117248] S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-10-20 1307648] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-03-13 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-03-13 21760] S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.sys [2011-03-13 41984] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344] S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128] S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-19 203776] S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744] S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-03 197640] S2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592] S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-30 325656] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-08-02 32528] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 PowerBiosServer;PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2011-02-15 33792] S2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-05-12 7032080] S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-04-30 2656280] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-04-30 1045256] S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2014-01-29 520416] S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-29 111616] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-20 146888] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-30 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] -----------------EOF-----------------