Logfile of random's system information tool 1.10 (written by random/random) Run by Esha at 2016-10-19 23:22:50 Microsoft Windows 8.1 System drive C: has 308 GB (75%) free of 413 GB Total RAM: 3986 MB (35% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:22:52, on 19-10-2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17037) Boot mode: Normal Running processes: C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Esha\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Esha.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 0.0.0.1 mssplus.mcafee.com O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] c:\program files (x86)\common files\wondershare\wondershare helper compact\wshelper.exe O4 - HKCU\..\Run: [Skype] "c:\program files (x86)\skype\phone\skype.exe" /minimized /regrun O4 - HKCU\..\Run: [uTorrent] "c:\users\esha\appdata\roaming\utorrent\utorrent.exe" /minimized O4 - HKCU\..\Run: [GoogleDriveSync] "c:\program files (x86)\google\drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [AppLauncher] c:\program files (x86)\medion mediapack 3\ashampoo applauncher (medion)\applauncher.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} (Camera Stream Client Control Object) - https://192.168.0.118/camclictrl.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing) O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: WinZipSmartMonitorService - Unknown owner - C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitorService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10092 bytes ======Scheduled tasks folder====== C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Health Advisor Defrag.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag C:\Windows\tasks\PC Health Advisor.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan C:\Windows\tasks\Start WinZip Driver Updater for Erika@Esha(logon).job - C:\Program Files\WinZip Driver Updater\DriverUpdater.exe StartAndScan C:\Windows\tasks\WinThruster64-Esha-Notification.job - C:\Program Files\Solvusoft\WinThruster\Sync.exe C:\Windows\tasks\WinThruster64-Esha-Startup.job - C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe /delay 180 =========Mozilla firefox========= ProfilePath - C:\Users\Esha\AppData\Roaming\Mozilla\Firefox\Profiles\7ewxgb3v.default prefs.js - "browser.startup.homepage" - "about:home|about:preferences" "belgiumeid@eid.belgium.be"=C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll npMeetingJoinPluginOC.dll nppdf32.dll WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}] True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 1741104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Wondershare Helper Compact.exe"=c:\program files (x86)\common files\wondershare\wondershare helper compact\wshelper.exe [2016-06-20 2131344] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=c:\program files (x86)\skype\phone\skype.exe [2015-03-25 31682144] "uTorrent"=c:\users\esha\appdata\roaming\utorrent\utorrent.exe [2016-05-15 2133504] "GoogleDriveSync"=c:\program files (x86)\google\drive\googledrivesync.exe [2016-07-29 23375200] "AppLauncher"=c:\program files (x86)\medion mediapack 3\ashampoo applauncher (medion)\applauncher.exe [2012-08-10 969656] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.yuy2"=msyuv.dll "vidc.i420"=iyuv_32.dll "vidc.cvid"=iccvid.dll "vidc.yvyu"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "vidc.uyvy"=msyuv.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2016-10-19 23:22:50 ----D---- C:\Program Files (x86)\trend micro 2016-10-19 23:20:51 ----D---- C:\rsit 2016-10-18 16:52:19 ----D---- C:\ProgramData\WinZip 2016-10-18 14:51:34 ----A---- C:\0.bak 2016-10-18 14:07:01 ----D---- C:\backup 2016-10-18 13:58:23 ----D---- C:\Users\Esha\AppData\Roaming\ParetoLogic 2016-10-18 13:58:23 ----D---- C:\Users\Esha\AppData\Roaming\DriverCure 2016-10-18 13:58:06 ----D---- C:\Program Files (x86)\Common Files\ParetoLogic 2016-10-18 13:57:57 ----D---- C:\Program Files (x86)\ParetoLogic 2016-10-18 13:57:56 ----D---- C:\ProgramData\ParetoLogic 2016-10-18 12:25:52 ----D---- C:\Windows\SysWOW64\sda 2016-10-18 12:23:43 ----A---- C:\Windows\SysWOW64\RtsUVStoricon.dll 2016-10-17 10:48:36 ----D---- C:\Users\Esha\AppData\Roaming\D-Link 2016-10-16 18:04:18 ----D---- C:\Program Files (x86)\Medion MediaPack 3 2016-10-16 12:22:56 ----D---- C:\Users\Esha\AppData\Roaming\IsolatedStorage 2016-10-16 12:22:56 ----D---- C:\ProgramData\IsolatedStorage 2016-10-16 11:45:47 ----D---- C:\Users\Esha\AppData\Roaming\Solvusoft 2016-10-16 11:44:48 ----D---- C:\Program Files (x86)\Solvusoft 2016-10-16 11:43:39 ----HD---- C:\ProgramData\{B96EB44A-7860-4F13-BC9A-0A73CA5F11C2} 2016-10-16 11:43:39 ----D---- C:\ProgramData\Solvusoft 2016-10-14 16:39:34 ----D---- C:\Program Files (x86)\CardRecovery ======List of files/folders modified in the last 1 month====== 2016-10-19 23:22:50 ----RD---- C:\Program Files (x86) 2016-10-19 23:22:41 ----D---- C:\Windows\Temp 2016-10-19 23:21:07 ----D---- C:\Windows\Prefetch 2016-10-19 23:20:51 ----D---- C:\Program Files 2016-10-19 17:07:13 ----D---- C:\Windows\Microsoft.NET 2016-10-19 12:43:57 ----D---- C:\Windows\System32 2016-10-19 12:43:55 ----D---- C:\Windows\Inf 2016-10-18 17:01:11 ----D---- C:\Windows\Tasks 2016-10-18 16:52:19 ----HD---- C:\ProgramData 2016-10-18 16:09:42 ----D---- C:\Windows\SoftwareDistribution 2016-10-18 15:21:02 ----D---- C:\Windows 2016-10-18 15:21:00 ----SHD---- C:\Config.Msi 2016-10-18 14:53:52 ----D---- C:\Users\Esha\AppData\Roaming\Macromedia 2016-10-18 13:58:06 ----D---- C:\Program Files (x86)\Common Files 2016-10-18 12:49:02 ----SHD---- C:\Windows\Installer 2016-10-18 12:25:52 ----D---- C:\Windows\SysWOW64 2016-10-18 12:24:32 ----SHD---- C:\System Volume Information 2016-10-18 12:23:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2016-10-18 12:23:42 ----D---- C:\Program Files (x86)\REALTEK 2016-10-16 12:19:59 ----D---- C:\Spacekace 2016-10-16 11:16:54 ----D---- C:\Program Files (x86)\Wondershare 2016-10-14 16:22:22 ----D---- C:\Windows\AppReadiness 2016-10-05 11:54:31 ----D---- C:\Program Files (x86)\Opera 2016-10-01 21:07:15 ----D---- C:\Program Files (x86)\Google ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\SysWOW64\drivers\Wof.sys [] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\system32\DRIVERS\BthEnum.sys [] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\Windows\system32\DRIVERS\BthLEEnum.sys [] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [] R3 cpuz138;cpuz138; \??\C:\Users\Esha\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [2016-10-19 27320] R3 ew_usbccgpfilter;@oem21.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [] R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [] R3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Stuurprogramma van Microsoft voor geheugenmodule; C:\Windows\system32\DRIVERS\pnpmem.sys [] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [] R3 RSUSBVSTOR;@oem38.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [] R3 RtkBtFilter;@oem1.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [] R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\Windows\system32\DRIVERS\Rt630x64.sys [] R3 RTWlanE;@oem5.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [] R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [] R3 WINUSB;@winusb.inf,%WINUSB_SvcDesc%;WinUsb-stuurprogramma; C:\Windows\System32\drivers\WinUSB.SYS [] S3 61883;@61883.inf,%61883_Unit.ServiceDesc%;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys [] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [] S3 dg_ssudbus;@oem37.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [] S3 HWHandSet;HUAWEISPMODEM; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [] S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [] S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;Stuurprogramma voor RT2870 USB Extensible draadloze LAN-kaart; C:\Windows\system32\DRIVERS\netr28ux.sys [] S3 ssudmdm;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [] S3 ssudserd;@oem27.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 usbser;@oem18.inf,%SERVICE%;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\USBSER.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128] R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-09-26 61440] R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [2016-05-25 191688] R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [] R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584] R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2016-07-14 908256] R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-07-14 15736] R2 WinZipSmartMonitorService;WinZipSmartMonitorService; C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitorService.exe [2016-08-16 492032] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20 144200] S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488] S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20 144200] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [2016-07-19 327944] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-30 147624] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600] S3 TrueKeyServiceHelper;Intel Security True Key Helper Service; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2016-07-14 86864] -----------------EOF-----------------