Logfile of random's system information tool 1.09 (written by random/random)
Run by Brian_Pc at 2013-12-16 21:05:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 88 GB (72%) free of 122 GB
Total RAM: 3959 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:05:16, on 16-12-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
P:\Norton Internet Security 2013\Engine\20.4.0.40\ccSvcHst.exe
P:\Winbar\WinBar.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
P:\Canon\OpWareSE4.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
P:\Teamviewer\TeamViewer.exe
C:\Users\Brian_Pc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
T:\FireFox\firefox.exe
C:\Program Files\trend micro\Brian_Pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.nl/search?hl=nl&q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - P:\Norton Internet Security 2013\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - P:\Norton Internet Security 2013\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - P:\Norton Internet Security 2013\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [OpwareSE4] "P:\Canon\OpwareSE4.exe"
O4 - HKCU\..\Run: [WinBar (x86)] P:\Winbar\WinBar.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Coolbarz.lnk = Brian_Pc\Desktop\Coolbarz.exe
O4 - Startup: EvernoteClipper.lnk = P:\Evernote\EvernoteClipper.exe
O4 - Startup: Facebook Messenger.lnk = Brian_Pc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: FSL Launcher.lnk = T:\FSL_Launcher\FSL_Launcher.exe
O4 - Global Startup: DeskDrive.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\DeskDrive\DeskDrive.exe
O4 - Global Startup: Finderbar.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\Finderbar\Finderbar.exe
O4 - Global Startup: Refresh.lnk = ?
O4 - Global Startup: RocketDock.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\RocketDock\RocketDock.exe
O4 - Global Startup: SkinPackMenu.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\SP.exe
O4 - Global Startup: UberIcon.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\UberIcon.exe
O4 - Global Startup: VirtuaWin.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\VirtuaWin\VirtuaWin.exe
O4 - Global Startup: Winroll.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\Winroll\winroll.exe
O4 - Global Startup: xwidget.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\Xwidget\xwidget.exe
O4 - Global Startup: YzShadow.lnk = C:\Program Files (x86)\Mountain Lion Skin Pack\YzShadow\YzShadow.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://P:\OFFICE~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding knippen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://P:\OFFICE~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Kopieer selectie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Kopieer URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Nieuwe notitie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Pagina opemen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BlackBerry Device Manager - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: BootRacerServ - Greatis Software, LLC - C:\Program Files (x86)\BootRacer\BootRacerServ.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - P:\Norton Internet Security 2013\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - P:\Macrium Reflect\ReflectService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - P:\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynoDrService - Unknown owner - T:\Data Replicator\SynoDrServicex64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - P:\Teamviewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: UsbClientService - Unknown owner - T:\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-- End of file - 13292 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\BootRacer\BootRacerServ.exe"
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {578C9344-2AD6-4E32-B4C2-85FE88837F88}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\CISVC.EXE
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"P:\Norton Internet Security 2013\Engine\20.4.0.40\ccSvcHst.exe" /s "NIS" /m "P:\Norton Internet Security 2013\Engine\20.4.0.40\diMaster.dll" /prefetch:1
"P:\Macrium Reflect\ReflectService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"T:\Data Replicator\SynoDrServicex64.exe"
"P:\Teamviewer\TeamViewer_Service.exe"
"P:\Norton Internet Security 2013\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession2
T:\Assistant\UsbClientService.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2252
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-004c2fee-46a7-45ce-b09d-78d7f8599763 -SystemEventPortName:HostProcess-89f51cd4-6bb3-4318-be65-1fa07b973b01 -IoCancelEventPortName:HostProcess-84f1f113-37ac-4385-b817-fb29dd679246 -NonStateChangingEventPortName:HostProcess-9a338c8f-65aa-456d-8a23-d0559318b53a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:516578d8-77fe-4a88-9352-74e494052897 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\wbengine.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"P:\Canon\BJMYPRT.EXE" /logon
"P:\Winbar\WinBar.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"P:\Canon\OpWareSE4.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"
"C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding
"P:\Teamviewer\TeamViewer.exe"
"P:\Teamviewer\tv_w32.exe" --action hooks --log P:\Teamviewer\TeamViewer8_Logfile.log
"P:\Teamviewer\tv_x64.exe" --action hooks --log P:\Teamviewer\TeamViewer8_Logfile.log
"C:\Users\Brian_Pc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"T:\FireFox\firefox.exe"
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Brian_Pc\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\sppsvc.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2191765731-929917457-40214162-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2191765731-929917457-40214162-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default

prefs.js - "browser.startup.homepage" - "https://www.google.nl/"
prefs.js - "keyword.URL" - "http://nortonsafe.search.ask.com/web?o=APN10506&gct=kwd&qsrc=2869&l=dis&prt=NIS&chn=retail&geo=NL&ver=20&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=T:\Picasa\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=C:\Program Files (x86)\Research In Motion Limited\Browserplug-in voor BlackBerry World\npappworld.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=P:\Vlc Player\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=P:\Vlc Player\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=P:\Vlc Player\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=P:\Vlc Player\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default\searchplugins\
safesearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-30 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-30 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - P:\Norton Internet Security 2013\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - P:\Norton Internet Security 2013\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-09-06 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-10-22 583520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - P:\Norton Internet Security 2013\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=P:\Canon\BJMyPrt.exe [2010-07-26 2782096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2013-12-12 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinBar (x86)"=P:\Winbar\WinBar.exe [2009-09-29 271360]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Users\Brian_Pc\AppData\Roaming\BitTorrent\BitTorrent.exe [2013-11-21 895328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner]
P:\Ccleaner\CCleaner64.exe [2013-11-22 5910296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]
C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [2013-10-02 370]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Brian_Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-11 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
P:\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
T:\virus scanners\SUPERAntiSpyware.exe [2013-12-13 6604568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tango]
P:\Tango\Tango.exe [2011-11-04 13489992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2013-01-17 267792]
"SSBkgdUpdate"=C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-24 343168]
"OpwareSE4"=P:\Canon\OpwareSE4.exe [2007-02-04 79400]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DeskDrive.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\DeskDrive\DeskDrive.exe
Finderbar.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\Finderbar\Finderbar.exe
Refresh.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\Tools\Refresh.cmd
RocketDock.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\RocketDock\RocketDock.exe
SkinPackMenu.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\SP.exe
UberIcon.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\UberIcon.exe
VirtuaWin.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\VirtuaWin\VirtuaWin.exe
Winroll.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\Winroll\winroll.exe
xwidget.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\Xwidget\xwidget.exe
YzShadow.lnk - C:\Program Files (x86)\Mountain Lion Skin Pack\YzShadow\YzShadow.exe

C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Coolbarz.lnk - C:\Users\Brian_Pc\Desktop\Coolbarz.exe
EvernoteClipper.lnk - P:\Evernote\EvernoteClipper.exe
Facebook Messenger.lnk - C:\Users\Brian_Pc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
FSL Launcher.lnk - T:\FSL_Launcher\FSL_Launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - P:\Fences\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-12-15 23:09:03 ----SHD---- C:\$RECYCLE.BIN
2013-12-15 16:26:59 ----D---- C:\Windows\Temp
2013-12-15 01:09:17 ----D---- C:\Program Files (x86)\GemistDownloader
2013-12-14 01:13:42 ----D---- C:\Users\Brian_Pc\AppData\Roaming\vlc
2013-12-13 02:07:25 ----SH---- C:\ProgramData\desktop.ini
2013-12-11 23:23:17 ----D---- C:\Program Files (x86)\Evernote
2013-12-10 21:30:26 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-10 21:30:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-10 21:30:25 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-10 21:30:24 ----A---- C:\Windows\system32\wmp.dll
2013-12-10 21:29:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 21:29:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-10 21:29:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-10 21:29:37 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-10 21:29:37 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-10 21:29:37 ----A---- C:\Windows\system32\ieui.dll
2013-12-10 21:29:37 ----A---- C:\Windows\system32\iesetup.dll
2013-12-10 21:29:37 ----A---- C:\Windows\system32\iernonce.dll
2013-12-10 21:29:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-10 21:29:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-10 21:29:37 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-10 21:29:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-10 21:29:36 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-10 21:29:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-10 21:29:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-10 21:29:36 ----A---- C:\Windows\system32\mshtml.dll
2013-12-10 21:29:36 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-10 21:29:36 ----A---- C:\Windows\system32\iertutil.dll
2013-12-10 21:29:36 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-10 21:29:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-10 21:29:35 ----A---- C:\Windows\system32\wininet.dll
2013-12-10 21:29:35 ----A---- C:\Windows\system32\urlmon.dll
2013-12-10 21:29:35 ----A---- C:\Windows\system32\ieframe.dll
2013-12-10 21:29:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-10 21:29:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-10 21:29:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-10 21:29:34 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 21:25:50 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-10 21:25:50 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-10 21:25:49 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-10 21:25:49 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-10 21:25:49 ----A---- C:\Windows\system32\win32k.sys
2013-12-10 21:25:49 ----A---- C:\Windows\system32\msieftp.dll
2013-12-10 21:25:49 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-10 21:25:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-10 21:25:48 ----A---- C:\Windows\system32\tzres.dll
2013-12-10 21:25:46 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-10 21:25:46 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-10 21:25:46 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-10 21:25:46 ----A---- C:\Windows\system32\wscript.exe
2013-12-10 21:25:46 ----A---- C:\Windows\system32\scrrun.dll
2013-12-10 21:25:46 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-10 21:25:46 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-10 21:25:46 ----A---- C:\Windows\system32\cscript.exe
2013-12-08 23:15:03 ----D---- C:\Users\Brian_Pc\AppData\Roaming\SeriousBit
2013-12-08 23:05:15 ----D---- C:\Users\Brian_Pc\AppData\Roaming\Bump Technologies, Inc
2013-12-08 23:05:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-12-08 23:05:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-12-08 23:05:13 ----A----
C:\Windows\system32\XAudio2_7.dll 2013-12-08 23:05:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2013-12-08 23:05:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll 2013-12-08 23:05:12 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2013-12-08 23:05:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll 2013-12-08 23:05:12 ----A---- C:\Windows\system32\xactengine3_7.dll 2013-12-08 23:05:12 ----A---- C:\Windows\system32\d3dcsx_43.dll 2013-12-08 23:05:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2013-12-08 23:05:11 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll 2013-12-08 23:05:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll 2013-12-08 23:05:11 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll 2013-12-08 23:05:11 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2013-12-08 23:05:11 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll 2013-12-08 23:05:11 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll 2013-12-08 23:05:11 ----A---- C:\Windows\system32\XAudio2_6.dll 2013-12-08 23:05:11 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2013-12-08 23:05:11 ----A---- C:\Windows\system32\xactengine3_6.dll 2013-12-08 23:05:11 ----A---- C:\Windows\system32\D3DX9_43.dll 2013-12-08 23:05:11 ----A---- C:\Windows\system32\d3dx11_43.dll 2013-12-08 23:05:11 ----A---- C:\Windows\system32\d3dx10_43.dll 2013-12-08 23:05:10 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll 2013-12-08 23:05:10 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll 2013-12-08 23:05:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll 2013-12-08 23:05:10 ----A---- C:\Windows\system32\XAudio2_5.dll 2013-12-08 23:05:10 ----A---- C:\Windows\system32\xactengine3_5.dll 2013-12-08 23:05:10 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2013-12-08 23:05:09 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll 
2013-12-08 23:05:09 ----A---- C:\Windows\system32\D3DX9_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\system32\d3dx11_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\system32\d3dx10_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\system32\d3dcsx_42.dll 2013-12-08 23:05:09 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2013-12-08 23:05:08 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll 2013-12-08 23:05:08 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll 2013-12-08 23:05:08 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll 2013-12-08 23:05:08 ----A---- C:\Windows\system32\XAudio2_4.dll 2013-12-08 23:05:08 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2013-12-08 23:05:08 ----A---- C:\Windows\system32\D3DX9_41.dll 2013-12-08 23:05:08 ----A---- C:\Windows\system32\d3dx10_41.dll 2013-12-08 23:05:08 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2013-12-08 23:05:07 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll 2013-12-08 23:05:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll 2013-12-08 23:05:07 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll 2013-12-08 23:05:07 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll 2013-12-08 23:05:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll 2013-12-08 23:05:07 ----A---- C:\Windows\system32\xactengine3_4.dll 2013-12-08 23:05:07 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2013-12-08 23:05:07 ----A---- C:\Windows\system32\D3DX9_40.dll 2013-12-08 23:05:07 ----A---- C:\Windows\system32\d3dx10_40.dll 2013-12-08 23:05:07 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2013-12-08 23:05:06 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll 2013-12-08 23:05:06 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll 2013-12-08 23:05:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll 2013-12-08 23:05:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll 2013-12-08 23:05:06 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll 2013-12-08 23:05:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll 2013-12-08 23:05:06 ----A---- C:\Windows\system32\XAudio2_3.dll 2013-12-08 23:05:06 ----A---- 
C:\Windows\system32\XAudio2_2.dll 2013-12-08 23:05:06 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2013-12-08 23:05:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2013-12-08 23:05:06 ----A---- C:\Windows\system32\xactengine3_3.dll 2013-12-08 23:05:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2013-12-08 23:05:05 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll 2013-12-08 23:05:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll 2013-12-08 23:05:05 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll 2013-12-08 23:05:05 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\XAudio2_1.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\xactengine3_2.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\xactengine3_1.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\D3DX9_39.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\d3dx10_39.dll 2013-12-08 23:05:05 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2013-12-08 23:05:04 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll 2013-12-08 23:05:04 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll 2013-12-08 23:05:04 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll 2013-12-08 23:05:04 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll 2013-12-08 23:05:04 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll 2013-12-08 23:05:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll 2013-12-08 23:05:04 ----A---- C:\Windows\system32\XAudio2_0.dll 2013-12-08 23:05:04 ----A---- C:\Windows\system32\xactengine3_0.dll 2013-12-08 23:05:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2013-12-08 23:05:04 ----A---- C:\Windows\system32\D3DX9_38.dll 2013-12-08 23:05:04 ----A---- C:\Windows\system32\d3dx10_38.dll 2013-12-08 23:05:04 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2013-12-08 23:05:03 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll 2013-12-08 23:05:03 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll 2013-12-08 23:05:03 ----A---- 
C:\Windows\SYSWOW64\d3dx10_37.dll 2013-12-08 23:05:03 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll 2013-12-08 23:05:03 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2013-12-08 23:05:03 ----A---- C:\Windows\system32\D3DX9_37.dll 2013-12-08 23:05:03 ----A---- C:\Windows\system32\d3dx10_37.dll 2013-12-08 23:05:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2013-12-08 23:05:02 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll 2013-12-08 23:05:02 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll 2013-12-08 23:05:02 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll 2013-12-08 23:05:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll 2013-12-08 23:05:02 ----A---- C:\Windows\system32\xactengine2_10.dll 2013-12-08 23:05:02 ----A---- C:\Windows\system32\d3dx9_36.dll 2013-12-08 23:05:02 ----A---- C:\Windows\system32\d3dx10_36.dll 2013-12-08 23:05:02 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2013-12-08 23:05:01 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll 2013-12-08 23:05:01 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll 2013-12-08 23:05:01 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll 2013-12-08 23:05:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll 2013-12-08 23:05:01 ----A---- C:\Windows\system32\xactengine2_9.dll 2013-12-08 23:05:01 ----A---- C:\Windows\system32\d3dx9_35.dll 2013-12-08 23:05:01 ----A---- C:\Windows\system32\d3dx10_35.dll 2013-12-08 23:05:01 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2013-12-08 23:05:00 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll 2013-12-08 23:05:00 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll 2013-12-08 23:05:00 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll 2013-12-08 23:05:00 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll 2013-12-08 23:05:00 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll 2013-12-08 23:05:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll 2013-12-08 23:05:00 ----A---- C:\Windows\system32\xinput1_3.dll 2013-12-08 23:05:00 ----A---- C:\Windows\system32\xactengine2_8.dll 2013-12-08 23:05:00 ----A---- 
C:\Windows\system32\X3DAudio1_2.dll 2013-12-08 23:05:00 ----A---- C:\Windows\system32\d3dx9_34.dll 2013-12-08 23:05:00 ----A---- C:\Windows\system32\d3dx10_34.dll 2013-12-08 23:05:00 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2013-12-08 23:04:59 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll 2013-12-08 23:04:59 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll 2013-12-08 23:04:59 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll 2013-12-08 23:04:59 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll 2013-12-08 23:04:59 ----A---- C:\Windows\system32\xactengine2_7.dll 2013-12-08 23:04:59 ----A---- C:\Windows\system32\d3dx9_33.dll 2013-12-08 23:04:59 ----A---- C:\Windows\system32\d3dx10_33.dll 2013-12-08 23:04:59 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2013-12-08 23:04:58 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll 2013-12-08 23:04:58 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll 2013-12-08 23:04:58 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll 2013-12-08 23:04:58 ----A---- C:\Windows\SYSWOW64\d3dx10.dll 2013-12-08 23:04:58 ----A---- C:\Windows\system32\xactengine2_6.dll 2013-12-08 23:04:58 ----A---- C:\Windows\system32\xactengine2_5.dll 2013-12-08 23:04:58 ----A---- C:\Windows\system32\d3dx9_32.dll 2013-12-08 23:04:58 ----A---- C:\Windows\system32\d3dx10.dll 2013-12-08 23:04:57 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll 2013-12-08 23:04:57 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll 2013-12-08 23:04:57 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll 2013-12-08 23:04:57 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll 2013-12-08 23:04:57 ----A---- C:\Windows\system32\xinput1_2.dll 2013-12-08 23:04:57 ----A---- C:\Windows\system32\xactengine2_4.dll 2013-12-08 23:04:57 ----A---- C:\Windows\system32\xactengine2_3.dll 2013-12-08 23:04:57 ----A---- C:\Windows\system32\x3daudio1_1.dll 2013-12-08 23:04:57 ----A---- C:\Windows\system32\d3dx9_31.dll 2013-12-08 23:04:56 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll 2013-12-08 23:04:56 ----A---- 
C:\Windows\SYSWOW64\xactengine2_2.dll 2013-12-08 23:04:56 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll 2013-12-08 23:04:56 ----A---- C:\Windows\system32\xinput1_1.dll 2013-12-08 23:04:56 ----A---- C:\Windows\system32\xactengine2_2.dll 2013-12-08 23:04:56 ----A---- C:\Windows\system32\xactengine2_1.dll 2013-12-08 23:04:55 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll 2013-12-08 23:04:55 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll 2013-12-08 23:04:55 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll 2013-12-08 23:04:55 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll 2013-12-08 23:04:55 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll 2013-12-08 23:04:55 ----A---- C:\Windows\system32\xactengine2_0.dll 2013-12-08 23:04:55 ----A---- C:\Windows\system32\x3daudio1_0.dll 2013-12-08 23:04:55 ----A---- C:\Windows\system32\d3dx9_30.dll 2013-12-08 23:04:55 ----A---- C:\Windows\system32\d3dx9_29.dll 2013-12-08 23:04:55 ----A---- C:\Windows\system32\d3dx9_28.dll 2013-12-08 23:04:54 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll 2013-12-08 23:04:54 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll 2013-12-08 23:04:54 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll 2013-12-08 23:04:54 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll 2013-12-08 23:04:54 ----A---- C:\Windows\system32\d3dx9_27.dll 2013-12-08 23:04:54 ----A---- C:\Windows\system32\d3dx9_26.dll 2013-12-08 23:04:54 ----A---- C:\Windows\system32\d3dx9_25.dll 2013-12-08 23:04:54 ----A---- C:\Windows\system32\d3dx9_24.dll 2013-12-08 23:04:10 ----D---- C:\Windows\SYSWOW64\directx 2013-12-08 22:28:16 ----D---- C:\Users\Brian_Pc\AppData\Roaming\SideSlide 2013-12-08 21:29:49 ----D---- C:\Users\Brian_Pc\AppData\Roaming\Brynt Younce Software 2013-12-08 21:26:05 ----D---- C:\Users\Brian_Pc\AppData\Roaming\GemistDownloader 2013-12-08 20:37:25 ----D---- C:\Program Files (x86)\Skin Pack 2013-12-08 20:37:17 ----A---- C:\Windows\system32\xpsrchvw.exe 2013-12-08 20:37:17 ----A---- C:\Users\Brian_Pc\AppData\Roaming\regsvr32.exe_log.txt 2013-12-08 20:37:17 ----A---- 
C:\Users\Brian_Pc\AppData\Roaming\LiveSupport.exe_log.txt 2013-12-08 20:37:15 ----A---- C:\Windows\system32\StikyNot.exe 2013-12-08 20:37:15 ----A---- C:\Windows\system32\SoundRecorder.exe 2013-12-08 20:37:14 ----A---- C:\Windows\system32\SnippingTool.exe 2013-12-08 20:37:13 ----A---- C:\Windows\system32\rstrui.exe 2013-12-08 20:37:13 ----A---- C:\Windows\system32\recdisc.exe 2013-12-08 20:37:11 ----A---- C:\Windows\system32\osk.exe 2013-12-08 20:37:11 ----A---- C:\Windows\system32\notepad.exe 2013-12-08 20:37:11 ----A---- C:\Windows\system32\Narrator.exe 2013-12-08 20:37:10 ----A---- C:\Windows\system32\mstsc.exe 2013-12-08 20:37:10 ----A---- C:\Windows\system32\msra.exe 2013-12-08 20:37:09 ----A---- C:\Windows\system32\mspaint.exe 2013-12-08 20:37:09 ----A---- C:\Windows\system32\msinfo32.exe 2013-12-08 20:37:09 ----A---- C:\Windows\system32\msconfig.exe 2013-12-08 20:37:08 ----A---- C:\Windows\system32\mobsync.exe 2013-12-08 20:37:07 ----A---- C:\Windows\system32\MdSched.exe 2013-12-08 20:37:07 ----A---- C:\Windows\system32\mblctr.exe 2013-12-08 20:37:06 ----A---- C:\Windows\system32\Magnify.exe 2013-12-08 20:37:05 ----A---- C:\Windows\explorer.exe 2013-12-08 20:37:02 ----A---- C:\Windows\system32\eudcedit.exe 2013-12-08 20:37:02 ----A---- C:\Windows\system32\DisplaySwitch.exe 2013-12-08 20:37:02 ----A---- C:\Windows\system32\dfrgui.exe 2013-12-08 20:37:01 ----A---- C:\Windows\system32\control.exe 2013-12-08 20:37:01 ----A---- C:\Windows\system32\colorcpl.exe 2013-12-08 20:37:01 ----A---- C:\Windows\system32\cleanmgr.exe 2013-12-08 20:37:00 ----A---- C:\Windows\system32\charmap.exe 2013-12-08 20:37:00 ----A---- C:\Windows\system32\calc.exe 2013-12-08 20:36:59 ----A---- C:\Windows\system32\taskmgr.exe 2013-12-08 20:36:59 ----A---- C:\Windows\system32\SndVol.exe 2013-12-08 20:36:58 ----A---- C:\Windows\system32\stobject.dll 2013-12-08 20:36:58 ----A---- C:\Windows\system32\authui.dll 2013-12-08 20:36:57 ----A---- C:\Windows\system32\imagesp1.dll 2013-12-08 
20:36:53 ----A---- C:\Windows\system32\imageres.dll 2013-12-08 20:36:53 ----A---- C:\Windows\system32\ExplorerFrame.dll 2013-12-08 20:36:52 ----A---- C:\Windows\system32\SndVolSSO.dll 2013-12-08 20:36:52 ----A---- C:\Windows\system32\pnpui.dll 2013-12-08 20:36:51 ----A---- C:\Windows\system32\pnidui.dll 2013-12-08 20:36:51 ----A---- C:\Windows\system32\batmeter.dll 2013-12-08 20:36:51 ----A---- C:\Windows\system32\ActionCenter.dll 2013-12-08 20:36:50 ----A---- C:\Windows\SYSWOW64\uxtheme.dll.tmp 2013-12-08 20:36:50 ----A---- C:\Windows\SYSWOW64\themeui.dll.tmp 2013-12-08 17:49:42 ----A---- C:\Users\Brian_Pc\AppData\Roaming\inst.exe 2013-12-08 17:45:49 ----A---- C:\ComboFix.txt 2013-12-04 17:31:28 ----D---- C:\AdwCleaner 2013-12-04 01:42:43 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-12-04 01:41:49 ----D---- C:\Windows\Migration 2013-12-02 23:34:56 ----A---- C:\Windows\system32\drivers\TVMonitor.sys 2013-12-02 23:30:57 ----A---- C:\Windows\ntbtlog.txt 2013-11-25 18:25:00 ----D---- C:\ProgramData\Logs ======List of files/folders modified in the last 1 month====== 2013-12-16 21:05:15 ----D---- C:\Program Files\trend micro 2013-12-16 21:03:35 ----SHD---- C:\System Volume Information 2013-12-16 21:03:04 ----D---- C:\Windows\system32\LogFiles 2013-12-16 21:02:59 ----D---- C:\Program Files (x86)\BootRacer 2013-12-16 20:23:13 ----D---- C:\Windows\system32\config 2013-12-16 19:26:45 ----D---- C:\Windows\System32 2013-12-16 19:26:45 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-12-16 19:26:44 ----D---- C:\Windows\inf 2013-12-16 01:44:25 ----D---- C:\ProgramData\CanonIJPLM 2013-12-16 00:24:41 ----D---- C:\Windows\registration 2013-12-15 23:08:45 ----D---- C:\Windows\winsxs 2013-12-15 23:08:39 ----D---- C:\Windows\system32\catroot2 2013-12-15 23:08:39 ----D---- C:\Windows\system32\catroot 2013-12-15 23:08:22 ----D---- C:\Windows 2013-12-15 17:08:50 ----D---- C:\Users\Brian_Pc\AppData\Roaming\Macromedia 2013-12-15 16:36:46 ----D---- 
C:\Windows\system32\wbem 2013-12-15 16:26:54 ----RD---- C:\ProgramData 2013-12-15 01:09:17 ----RD---- C:\Program Files (x86) 2013-12-14 18:54:11 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-12-13 01:46:16 ----SHD---- C:\Windows\Installer 2013-12-13 01:42:13 ----D---- C:\Windows\system32\drivers 2013-12-12 19:08:11 ----D---- C:\Users\Brian_Pc\AppData\Roaming\ImgBurn 2013-12-12 18:58:25 ----D---- C:\Users\Brian_Pc\AppData\Roaming\BitTorrent 2013-12-11 22:44:13 ----D---- C:\Windows\SysWOW64 2013-12-11 22:44:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-12-11 14:24:08 ----D---- C:\Windows\system32\NDF 2013-12-10 21:32:57 ----D---- C:\Program Files\Windows Media Player 2013-12-10 21:32:57 ----D---- C:\Program Files\Internet Explorer 2013-12-10 21:32:57 ----D---- C:\Program Files (x86)\Windows Media Player 2013-12-10 21:32:57 ----D---- C:\Program Files (x86)\Internet Explorer 2013-12-10 21:32:56 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-12-10 21:32:56 ----D---- C:\Windows\system32\nl-NL 2013-12-10 21:32:56 ----D---- C:\Windows\system32\DriverStore 2013-12-10 21:29:28 ----D---- C:\Windows\system32\MRT 2013-12-10 21:28:19 ----A---- C:\Windows\system32\MRT.exe 2013-12-10 03:12:53 ----D---- C:\Users\Brian_Pc\AppData\Roaming\Skype 2013-12-08 23:19:51 ----RD---- C:\Program Files 2013-12-08 23:04:56 ----RSD---- C:\Windows\assembly 2013-12-08 23:04:53 ----D---- C:\Windows\Microsoft.NET 2013-12-08 23:04:10 ----D---- C:\Windows\Logs 2013-12-08 21:09:02 ----D---- C:\Windows\system32\Tasks 2013-12-08 21:05:38 ----D---- C:\Windows\system32\migwiz 2013-12-08 21:05:38 ----D---- C:\Program Files (x86)\Windows Sidebar 2013-12-08 21:03:14 ----RSD---- C:\Windows\Media 2013-12-08 21:03:14 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information 2013-12-08 21:03:14 ----D---- C:\Windows\Cursors 2013-12-08 21:03:14 ----D---- C:\Windows\Branding 2013-12-08 21:03:12 ----D---- C:\Windows\system32\EventProviders 2013-12-08 21:03:12 ----D---- 
C:\Windows\system32\CodeIntegrity 2013-12-08 21:03:11 ----SD---- C:\Windows\system32\Microsoft 2013-12-08 21:03:11 ----D---- C:\Windows\Tasks 2013-12-08 21:03:11 ----D---- C:\Windows\system32\SPReview 2013-12-08 21:03:11 ----D---- C:\Windows\system32\Macromed 2013-12-08 21:03:11 ----D---- C:\Windows\system32\logishrd 2013-12-08 20:36:49 ----A---- C:\Windows\system32\themeui.dll 2013-12-08 20:36:48 ----A---- C:\Windows\system32\uxtheme.dll 2013-12-08 20:36:48 ----A---- C:\Windows\system32\themeservice.dll 2013-12-08 17:49:47 ----D---- C:\Program Files (x86)\vso 2013-12-08 17:49:42 ----D---- C:\Users\Brian_Pc\AppData\Roaming\Vso 2013-12-08 17:48:07 ----D---- C:\Windows\erdnt 2013-12-08 17:44:50 ----A---- C:\Windows\system.ini 2013-12-08 17:44:45 ----D---- C:\Windows\system32\drivers\etc 2013-12-08 17:43:11 ----D---- C:\Windows\SYSWOW64\drivers 2013-12-08 17:43:11 ----D---- C:\Windows\AppPatch 2013-12-08 17:43:10 ----D---- C:\Program Files (x86)\Common Files 2013-12-04 01:41:53 ----D---- C:\Windows\SYSWOW64\en-US 2013-12-04 01:41:53 ----D---- C:\Windows\system32\en-US 2013-12-04 01:41:49 ----SD---- C:\ProgramData\Microsoft 2013-12-02 22:58:23 ----D---- C:\ProgramData\Norton 2013-11-29 18:59:50 ----D---- C:\Program Files (x86)\Google 2013-11-28 00:13:44 ----D---- C:\ProgramData\Skype 2013-11-19 03:33:38 ----N---- C:\Windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [2013-05-20 493656] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800] R1 A2DDA;A2 Direct Disk Access Support Driver; \??\P:\EMSISOFT\RUN\a2ddax64.sys [2013-08-19 26176] R1 BHDrvx64;BHDrvx64; 
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488] R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [2013-04-15 169048] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952] R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20131213.001\IDSvia64.sys [2013-12-13 521944] R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\P:\Ultra Iso\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600] R1 SASDIFSV;SASDIFSV; \??\T:\virus scanners\SASDIFSV64.SYS [2011-07-22 14928] R1 SASKUTIL;SASKUTIL; \??\T:\virus scanners\SASKUTIL64.SYS [2011-07-12 12368] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [2013-03-04 36952] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [2012-09-06 224416] R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [2013-04-24 433752] R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2013-08-15 231376] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-24 10203648] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-24 310784] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440] R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648] R3 HECIx64;Intel(R) Management Engine 
Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-04 2484072] R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech HD Webcam C310(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2013-06-06 16376] R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20131215.005\ENG64.SYS [2013-12-14 126040] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20131215.005\EX64.SYS [2013-12-14 2099288] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-07-04 349800] R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [2013-05-15 796760] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-08-22 177312] S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; 
C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 cleanhlp;cleanhlp; \??\P:\EMSISOFT\RUN\cleanhlp64.sys [2013-12-13 57024] S3 DIRECTIO;DIRECTIO; \??\T:\PerformanceTest\DirectIo.sys [2012-08-13 22120] S3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712] S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304] S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-08-15 82816] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2013-06-27 79872] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984] S4 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-24 204288] R2 BootRacerServ;BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [2013-08-19 67888] R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456] R2 HP Support 
Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528] R2 NIS;Norton Internet Security; P:\Norton Internet Security 2013\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368] R2 ReflectService.exe;Macrium Reflect Image Mounting Service; P:\Macrium Reflect\ReflectService.exe [2013-06-28 409720] R2 SynoDrService;SynoDrService; T:\Data Replicator\SynoDrServicex64.exe [2013-04-24 381312] R2 TeamViewer8;TeamViewer 8; P:\Teamviewer\TeamViewer_Service.exe [2013-10-01 5087584] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] R2 UsbClientService;UsbClientService; T:\Assistant\UsbClientService.exe [2012-09-18 248704] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-09-09 585728] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-29 116648] S2 SkypeUpdate;Skype Updater; P:\Skype\Updater\Updater.exe [2013-09-05 171680] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-29 116648] S3 gusvc;Google Updater Service; C:\Program Files 
(x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1255736] S4 !SASCORE;SAS Core Service; T:\virus scanners\SASCORE64.EXE [2013-05-23 143120] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------