Logfile of random's system information tool 1.09 (written by random/random)
Run by Terry at 2013-10-08 10:17:46
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 112 GB (68%) free of 165 GB
Total RAM: 1917 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:18:20, on 8-10-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal
Running processes:
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
C:\Users\Terry_2\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Terry_2\AppData\Local\Temp\bwgo000143b3.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Philips\Wi-Fi MediaConnect\HTSRecover.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Terry_2\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\Terry.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: conatiiNuettosaavve - {8D83BF0B-A10C-10AA-6820-E58AB5950187} - C:\ProgramData\conatiiNuettosaavve\51b4dd0b2b506.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
O4 - HKLM\..\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\RunOnce: [RegistryDefrag Success Message] "C:\Program Files\TuneUp Utilities 2013\TUMessages.exe" /RegDefrag_Success
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[s0].txt
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1166265066-3392905436-491142532-1006\..\Run: [sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background (User 'Terry_2')
O4 - HKUS\S-1-5-21-1166265066-3392905436-491142532-1006\..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE (User 'Terry_2')
O4 - S-1-5-21-1166265066-3392905436-491142532-1006 Startup: Dropbox.lnk = Terry_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Terry_2')
O4 - S-1-5-21-1166265066-3392905436-491142532-1006 Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (User 'Terry_2')
O4 - S-1-5-21-1166265066-3392905436-491142532-1006 User Startup: Dropbox.lnk = Terry_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Terry_2')
O4 - S-1-5-21-1166265066-3392905436-491142532-1006 User Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (User 'Terry_2')
O4 - Global Startup: Wi-Fi MediaConnect.lnk = C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Password Manager Pro (PMP) - Unknown owner - C:\Program Files\PMP\bin\wrapper.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI8634.tmp
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
--
End of file - 9794 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SymInstallStub.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\agrnll87.default
prefs.js - "browser.search.useDBForOrder" - true
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\TVUPlayer\npTVUAx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation®Network Downloader.
"Path"=C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@TelevisionFanatic.com/Plugin]
"Description"=TelevisionFanatic Plugin
"Path"=C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@threeships.nl/TSHelper;version=1.0.1.3]
"Description"=TSHelper
"Path"=C:\Program Files\Common Files\ThreeShips Shared\Dll\\npTSHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
bing.xml
google.xml
yahoo.xml
C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\agrnll87.default\extensions\
crossriderapp2258@crossrider.com
firefox@tvunetworks.com
ny@yeyuuye.edu
{a3250d7b-7f0b-4f5c-8a51-0351885c8bd4}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469}]
ThreeShips IE Helper - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll [2012-04-16 586168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}]
Toolbar BHO - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}]
Search Assistant BHO - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-08 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D83BF0B-A10C-10AA-6820-E58AB5950187}]
conatiiNuettosaavve - C:\ProgramData\conatiiNuettosaavve\51b4dd0b2b506.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-19 192592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-08 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-19 192592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"=C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 360448]
"*Restore"=C:\Windows\system32\rstrui.exe [2010-11-20 262656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2013-06-17 19378496]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RegistryDefrag Success Message"=C:\Program Files\TuneUp Utilities 2013\TUMessages.exe [2013-01-31 134432]
"Report"=\AdwCleaner\AdwCleaner[s0].txt [2013-10-07 86117]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*Restore]
C:\Windows\System32\rstrui.exe [2010-11-20 262656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Terry\AppData\Local\Smartbar\Application\SnapDo.exe startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2012-11-13 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Terry\AppData\Local\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
C:\Program Files\Pinnacle\ShowCenter\LaunchList.exe [2003-06-18 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy Search Scope Monitor]
C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe /m=2 /w /h []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy_39 Browser Plugin Loader]
C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\Windows\system32\PSDrvCheck.exe [2003-11-10 406016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN]
C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe [2013-02-09 196784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SymInstallStub]
C:\ProgramData\DivX\Symantec\SymInstallStub.exe [2012-12-15 295392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TelevisionFanatic Browser Plugin Loader]
C:\PROGRA~1\TELEVI~2\bar\1.bin\64brmon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TelevisionFanatic Search Scope Monitor]
C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe /m=2 /w /h []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Urpoce]
C:\Users\Terry\AppData\Roaming\Riidcu\ynta.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Users\Terry\AppData\Local\Temp\WinDefender\windefender.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2013-02-19 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle ShowCenter StreamServer.lnk]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\STRMSE~1\STRMSE~1.EXE [2005-04-14 147456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KÖNIG.lnk]
C:\PROGRA~1\KNIGVO~1\KONIG.exe [2007-07-23 409600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SkypeMate.lnk]
C:\PROGRA~1\SKYPEM~1\SKYPEM~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^windefender.exe]
C:\Users\Terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windefender.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Wi-Fi MediaConnect.lnk - C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2010-01-21 4222864]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=iyvu9_32.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-08 10:17:46 ----D---- C:\rsit
2013-10-08 10:17:46 ----D---- C:\Program Files\trend micro
2013-10-07 16:57:17 ----D---- C:\Program Files\Common Files\DESIGNER
2013-10-07 09:01:34 ----D---- C:\AdwCleaner
2013-10-02 10:26:27 ----D---- C:\Program Files\Hewlett-Packard
2013-10-02 10:19:34 ----D---- C:\Users\Terry\AppData\Roaming\driver
2013-09-27 18:54:23 ----ASH---- C:\pagefile.sys
2013-09-27 14:39:54 ----D---- C:\Program Files\iPod
2013-09-27 14:39:53 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-27 14:39:53 ----D---- C:\Program Files\iTunes
2013-09-27 14:36:38 ----D---- C:\Program Files\Bonjour
2013-09-13 22:43:46 ----A---- C:\Windows\system32\jscript9.dll
2013-09-13 22:43:46 ----A---- C:\Windows\system32\jscript.dll
2013-09-13 22:43:45 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-13 22:43:45 ----A---- C:\Windows\system32\iesetup.dll
2013-09-13 22:43:44 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-13 22:43:44 ----A---- C:\Windows\system32\ieui.dll
2013-09-13 22:43:44 ----A---- C:\Windows\system32\iernonce.dll
2013-09-13 22:43:44 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-13 22:43:43 ----A---- C:\Windows\system32\urlmon.dll
2013-09-13 22:43:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 22:43:43 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-13 22:43:43 ----A---- C:\Windows\system32\iertutil.dll
2013-09-13 22:43:41 ----A---- C:\Windows\system32\wininet.dll
2013-09-13 22:43:40 ----A---- C:\Windows\system32\ieframe.dll
2013-09-13 22:43:38 ----A---- C:\Windows\system32\mshtml.dll
2013-09-13 19:14:04 ----A---- C:\Windows\system32\shell32.dll
2013-09-13 19:14:04 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-13 19:13:57 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-13 19:13:56 ----A---- C:\Windows\system32\win32k.sys
2013-09-13 19:13:55 ----A---- C:\Windows\system32\winsrv.dll
2013-09-13 19:13:55 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-13 19:13:55 ----A---- C:\Windows\system32\kernel32.dll
2013-09-13 19:13:55 ----A---- C:\Windows\system32\conhost.exe
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 19:13:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 19:13:53 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 19:13:53 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 19:13:53 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
======List of files/folders modified in the last 1 month======
2013-10-08 10:18:19 ----D---- C:\Windows\Temp
2013-10-08 10:17:58 ----D---- C:\Windows\Prefetch
2013-10-08 10:17:46 ----RD---- C:\Program Files
2013-10-08 10:11:43 ----D---- C:\Windows\system32\config
2013-10-08 10:11:39 ----D---- C:\Windows\System32
2013-10-08 10:11:39 ----D---- C:\Windows
2013-10-08 09:45:00 ----D---- C:\Windows\tracing
2013-10-08 09:05:00 ----D---- C:\Windows\Minidump
2013-10-08 09:04:57 ----D---- C:\Windows\Downloaded Program Files
2013-10-08 09:03:26 ----SHD---- C:\System Volume Information
2013-10-08 08:32:32 ----RD---- C:\Users
2013-10-08 07:37:38 ----D---- C:\Windows\system32\catroot2
2013-10-07 22:28:31 ----D---- C:\Windows\Microsoft.NET
2013-10-07 17:04:23 ----SHD---- C:\Config.Msi
2013-10-07 17:01:05 ----SHD---- C:\Windows\Installer
2013-10-07 17:00:23 ----D---- C:\ProgramData\Microsoft Help
2013-10-07 16:58:01 ----RSD---- C:\Windows\Fonts
2013-10-07 16:57:36 ----D---- C:\Windows\system32\wbem
2013-10-07 16:57:36 ----D---- C:\Program Files\Common Files\microsoft shared
2013-10-07 16:57:17 ----D---- C:\Program Files\Common Files
2013-10-07 16:56:58 ----D---- C:\Program Files\MSBuild
2013-10-07 16:54:55 ----D---- C:\Windows\ShellNew
2013-10-07 16:48:28 ----A---- C:\Windows\win.ini
2013-10-07 16:08:21 ----D---- C:\Program Files\Watchtower
2013-10-07 09:05:39 ----D---- C:\Windows\system32\Tasks
2013-10-07 09:04:45 ----HD---- C:\ProgramData
2013-10-03 17:40:37 ----D---- C:\Windows\inf
2013-10-03 17:40:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-03 17:19:51 ----RSD---- C:\Windows\assembly
2013-10-03 17:04:43 ----D---- C:\Windows\system32\FxsTmp
2013-09-28 05:13:27 ----D---- C:\Windows\Tasks
2013-09-28 05:13:27 ----D---- C:\Windows\system32\wfp
2013-09-28 05:13:27 ----D---- C:\Windows\system32\DriverStore
2013-09-28 05:13:27 ----D---- C:\Windows\AutoKMS
2013-09-28 05:13:27 ----D---- C:\Windows\AppCompat
2013-09-28 05:13:26 ----D---- C:\Program Files\SUPERAntiSpyware
2013-09-28 05:13:10 ----D---- C:\Windows\registration
2013-09-28 05:13:06 ----D---- C:\Windows\system32\catroot
2013-09-28 05:12:55 ----D---- C:\ProgramData\Apple Computer
2013-09-28 05:12:54 ----D---- C:\Program Files\Common Files\Apple
2013-09-28 04:35:45 ----D---- C:\Windows\system32\LogFiles
2013-09-27 14:41:24 ----D---- C:\Users\Terry\AppData\Roaming\Apple Computer
2013-09-27 14:39:22 ----D---- C:\ProgramData\Apple
2013-09-25 16:19:47 ----D---- C:\Windows\LiveKernelReports
2013-09-21 19:07:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-09-19 15:46:34 ----HD---- C:\Program Files\InstallShield Installation Information
2013-09-16 00:29:27 ----D---- C:\Users\Terry\AppData\Roaming\uTorrent
2013-09-14 17:22:54 ----D---- C:\Windows\rescache
2013-09-14 10:45:36 ----D---- C:\Windows\winsxs
2013-09-14 10:45:29 ----D---- C:\Windows\Panther
2013-09-14 10:43:03 ----D---- C:\Program Files\Internet Explorer
2013-09-14 10:43:01 ----D---- C:\Windows\system32\nl-NL
2013-09-14 10:42:57 ----D---- C:\Windows\system32\drivers
2013-09-13 22:42:55 ----D---- C:\Windows\system32\MRT
2013-09-13 22:40:39 ----D---- C:\Windows\debug
2013-09-13 22:40:35 ----A---- C:\Windows\system32\MRT.exe
2013-09-09 10:52:46 ----A---- C:\Windows\system32\msvcr80.dll
2013-09-09 10:52:46 ----A---- C:\Windows\system32\msvcp80.dll
2013-09-09 10:52:46 ----A---- C:\Windows\system32\msvcm80.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AFS;AFS; C:\Windows\system32\drivers\AFS.sys [2012-11-13 77004]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-11-03 45968]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-05-03 477240]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-03 242240]
R1 InCDPass;InCdPass; C:\Windows\System32\DRIVERS\InCDPass.sys [2003-06-30 28208]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [2011-07-12 67664]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 ASAPIW2k;ASAPIW2K; C:\Windows\system32\drivers\ASAPIW2k.sys [2002-04-17 11264]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2004-04-01 10368]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 17408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-11-16 10088]
R3 WFMC_VAD;WFMCVAD (WDM); C:\Windows\system32\DRIVERS\wfmcvad.sys [2010-02-08 19456]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDfs.sys [2003-06-30 86496]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-09-14 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-09-14 25200]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2013-04-04 30616]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-01-27 286720]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2005-04-20 49152]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI8634.tmp [2013-06-12 189760]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-31 1724192]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-26 136176]
S2 PMP;Password Manager Pro; C:\Program Files\PMP\bin\wrapper.exe [2012-03-30 204800]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-05-19 79360]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-26 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2002-12-17 311872]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-26 1343400]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
-----------------EOF-----------------
