Logfile of random's system information tool 1.10 (written by random/random) Run by Gabrielle at 2014-07-10 14:45:14 Microsoft Windows 8.1 System drive C: has 885 GB (94%) free of 936 GB Total RAM: 8122 MB (78% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:45:19, on 10/07/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Users\Gabrielle\AppData\Local\fst_be_50\upfst_be_50.exe C:\Users\Gabrielle\AppData\Local\Google\Update\GoogleUpdate.exe C:\Users\Gabrielle\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe C:\Program Files (x86)\di4BlockAndSurf\BlockAndSurf.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\fst_be_50\fst_be_50.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Gabrielle.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON14/2 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_kms&tt=na&mntrId=0263fbca52052e6150cc3f4909181e57&affID=128493&tsp=5304 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON14/2 R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: BlockAndSurf - {932223CA-E363-89BE-9BD1-5CCC44FDE039} - C:\Program Files (x86)\di4BlockAndSurf\175.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [AnyProtect Scanner] "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe" O4 - HKLM\..\Run: [fst_be_50] "C:\Program Files (x86)\fst_be_50\fst_be_50.exe" O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 
- HKLM\..\RunOnce: [upfst_be_50.exe] C:\Users\Gabrielle\AppData\Local\fst_be_50\upfst_be_50.exe -runonce O4 - HKCU\..\Run: [Google Update] "C:\Users\Gabrielle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Gabrielle\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart O4 - HKCU\..\Run: [buenosearch] C:\Users\Gabrielle\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe O4 - HKCU\..\Run: [BlockAndSurf] C:\Program Files (x86)\di4BlockAndSurf\BlockAndSurf.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. 
KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP SimplePass Cachedrv Service (Cachedrv server) - Unknown owner - C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem21.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. 
- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. 
- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media 
Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11513 bytes ======Listing Processes====== wininit.exe C:\Windows\system32\lsass.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe" "C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe" "dwm.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\Hpservice.exe "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost "C:\Program Files\Bonjour\mDNSResponder.exe" "c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe" dashost.exe {c34d1a70-4173-4f4d-a723cdbff4a736d7} "C:\Program Files\Intel\iCLS Client\HeciServer.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} taskhostex.exe taskeng.exe {AC7573BE-0CAA-482C-90DF-417FABBCAEDE} C:\Windows\Explorer.EXE "C:\Users\Gabrielle\AppData\Local\fst_be_50\upfst_be_50.exe" -runhelper "C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe" C:\Windows\System32\skydrive.exe -Embedding "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Windows\System32\hkcmd.exe" "C:\Windows\system32\igfxsrvc.exe" -Embedding "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Users\Gabrielle\AppData\Local\Google\Update\GoogleUpdate.exe" /c "C:\Users\Gabrielle\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe" "C:\Program Files (x86)\di4BlockAndSurf\BlockAndSurf.exe" "C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe" "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s "C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "C:\Program Files (x86)\fst_be_50\fst_be_50.exe" "C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4652.0.1074466111\160479556" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 
--gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3325 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group16 pct:1g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4652.1.429728032\1162456953" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group16 pct:1g stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4652.2.1567323362\531219331" /prefetch:673131151 "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group16 pct:1g stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4652.4.309695163\1017213767" /prefetch:673131151 "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe" "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding C:\Windows\WinStore\WSHost.exe -Embedding C:\Windows\servicing\TrustedInstaller.exe C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17129_none_fa6387b99b0c7738\TiWorker.exe 
-Embedding "C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584 "C:\Users\Gabrielle\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\0623f81e-b9ca-40c6-8327-6544f405ff43-6.job - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe /jfoYNcG /JPMfn=task /aDyzL='The weDownload Manager' /XKMBz==49074 /EemsZ='000898' /pnWgC='verticals-intext,ads,pops' /ncKMMrqN='0' /cEqLz=D3F55C817334492F944EF77073FA65CDIE /jeiLtEMzq=c9b77ead35f9d3f678cec49b847e589b /tWJGcc=1_34_05_04 /FIgQJNnGY=1.34.5.4 /gOTqai=1399550122 /tfIBZGczd=http://stats.clientstaticserv.com /uBJgkTGz=http://errors.clientstaticserv.com /mdohORTKD=http://js.clientstaticserv.com /vSumDlQdJ=ch /ZZehYps /tmiKDnIfx='nova' /cremMoj='http://update.clientstaticserv.com/novacode/{CAMP_ID}/update.json' /JPMfn='task' /wOeyIuXYt='' C:\Windows\tasks\0623f81e-b9ca-40c6-8327-6544f405ff43-7.job - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-nova.exe /aDyzL='The weDownload Manager' /XKMBz==49074 /EemsZ='000898' /pnWgC='verticals-intext,ads,pops' /ncKMMrqN='0' /cEqLz=D3F55C817334492F944EF77073FA65CDIE /jeiLtEMzq=c9b77ead35f9d3f678cec49b847e589b /tWJGcc=1_34_05_04 /FIgQJNnGY=1.34.5.4 /gOTqai=1399550122 /tfIBZGczd=http://stats.clientstaticserv.com /uBJgkTGz=http://errors.clientstaticserv.com /mdohORTKD=http://js.clientstaticserv.com /vSumDlQdJ=ch /ZZehYps /tmiKDnIfx='nova' /cremMoj='http://update.clientstaticserv.com/novarun/{CAMP_ID}/update.json' /JPMfn='task' /wOeyIuXYt='' C:\Windows\tasks\APSnotifierPP1.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier2 A C:\Windows\tasks\APSnotifierPP2.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 4 C:\Windows\tasks\APSnotifierPP3.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 6 C:\Windows\tasks\BlockAndSurf Update.job - C:\Program Files (x86)\di4BlockAndSurf\di2BlockAndSurfb66.exe /update C:\Windows\tasks\BlockAndSurf_wd.job - 
C:\Program Files (x86)\di4BlockAndSurf\di6BlockAndSurfM.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2773254006-4265912764-3895464385-1001Core1cf91daee850a22.job - C:\Users\Gabrielle\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\HPCeeScheduleForGabrielle.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForGabrielle (null) ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-15 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{932223CA-E363-89BE-9BD1-5CCC44FDE039}] BlockAndSurf - C:\Program Files (x86)\di4BlockAndSurf\175.dll [2014-07-10 193536] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-15 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP 
Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-11-05 7204568] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-25 391152] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-25 771056] "Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-25 769520] "SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2013-10-14 2758200] "OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2013-10-14 155704] "OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2013-10-14 155704] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26 2771184] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-06-24 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Gabrielle\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-27 116648] "Google+ Auto Backup"=C:\Users\Gabrielle\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-06-06 3701064] "buenosearch"=C:\Users\Gabrielle\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe [2014-07-10 543664] "BlockAndSurf"=C:\Program Files (x86)\di4BlockAndSurf\BlockAndSurf.exe [2014-07-10 130560] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-07-24 77088] "YouCam Service"=C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2013-09-02 267224] "HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-12-25 
1045304] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-05-09 737872] "AnyProtect Scanner"=C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [] "fst_be_50"=C:\Program Files (x86)\fst_be_50\fst_be_50.exe [2014-07-08 3976672] "Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-07-07 189520] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "upfst_be_50.exe"=C:\Users\Gabrielle\AppData\Local\fst_be_50\upfst_be_50.exe [2014-07-08 3356128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2013-10-08 623616] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoRun"=0 "NoFolderOptions"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] "Debugger="tasklist.exe 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-10 14:45:15 ----D---- C:\Program Files\trend micro
2014-07-10 14:45:14 ----D---- C:\rsit
2014-07-10 13:26:21 ----D---- C:\Windows\pss
2014-07-10 13:11:05 ----A---- C:\Windows\system32\drivers\webinstr.sys
2014-07-10 13:11:04 ----D---- C:\Program Files (x86)\di4BlockAndSurf
2014-07-10 13:10:56 ----D---- C:\Program Files (x86)\fst_be_50
2014-07-10 12:46:42 ----D---- C:\Program Files (x86)\SupTab
2014-07-10 12:46:34 ----D---- C:\ProgramData\WindowsMangerProtect
2014-07-10 12:46:33 ----D---- C:\Program Files (x86)\NetCrawl
2014-07-10 12:46:04 ----D---- C:\Users\Gabrielle\AppData\Roaming\sweet-page
2014-07-10 12:45:59 ----D---- C:\Program Files (x86)\AnyProtectEx
2014-07-10 12:41:24 ----SD---- C:\Windows\system32\CompatTel
2014-07-10 12:31:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-10 12:31:30 ----D---- C:\ProgramData\DSearchLink
2014-07-10 12:30:57 ----D---- C:\Program Files (x86)\Scrivener
2014-07-04 11:33:53 ----SHD---- C:\Config.Msi
2014-07-03 17:43:10 ----D---- C:\Users\Gabrielle\AppData\Roaming\CyberLink
2014-06-21 17:37:26 ----D---- C:\Users\Gabrielle\AppData\Roaming\Notepad++
2014-06-21 17:37:26 ----D---- C:\Program Files (x86)\Notepad++
2014-06-14 15:14:52 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-14 15:14:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-14 15:14:51 ----A---- C:\Windows\system32\msxml3.dll
2014-06-14 15:14:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-06-14 15:14:49 ----A---- C:\Windows\system32\gdi32.dll
2014-06-14 15:14:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-14 15:14:48 ----A---- C:\Windows\system32\iertutil.dll
2014-06-14 15:14:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-14 15:14:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-14 15:14:47 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-14 15:14:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-14 15:14:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-14 15:14:46 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-14 15:14:45 ----A---- C:\Windows\system32\urlmon.dll
2014-06-14 15:14:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-14 15:14:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-14 15:14:44 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-14 15:14:44 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-14 15:14:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-14 15:14:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-14 15:14:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-14 15:14:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-14 15:14:41 ----A---- C:\Windows\system32\ieframe.dll
2014-06-14 15:14:41 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-14 15:14:40 ----A---- C:\Windows\system32\jscript9.dll
2014-06-14 15:14:40 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-14 15:14:39 ----A---- C:\Windows\system32\mshtml.dll
2014-06-14 15:14:39 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-14 15:14:38 ----A---- C:\Windows\system32\wininet.dll
2014-06-14 15:14:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-14 15:14:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-14 15:14:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-14 15:14:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-14 15:14:33 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-14 15:14:32 ----A---- C:\Windows\system32\drivers\ks.sys
2014-06-14 15:14:30 ----A---- C:\Windows\system32\WSShared.dll
2014-06-14 15:14:30 ----A---- C:\Windows\system32\WSReset.exe
2014-06-14 15:14:30 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-14 15:14:29 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-06-14 15:14:29 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-14 15:14:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-06-14 15:14:10 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-06-14 15:14:10 ----A---- C:\Windows\system32\twinui.dll
2014-06-14 15:14:09 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-14 15:14:09 ----A---- C:\Windows\system32\shell32.dll
2014-06-14 15:14:08 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-06-14 15:14:07 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-06-14 15:14:06 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-14 15:14:06 ----A---- C:\Windows\system32\mstscax.dll
2014-06-14 15:14:05 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2014-06-14 15:14:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-06-14 15:14:03 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-06-14 15:14:02 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-06-14 15:14:02 ----A---- C:\Windows\system32\gpsvc.dll
2014-06-14 15:14:02 ----A---- C:\Windows\system32\d3d9.dll
2014-06-14 15:14:01 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2014-06-14 15:14:01 ----A---- C:\Windows\system32\SyncEngine.dll
2014-06-14 15:14:01 ----A---- C:\Windows\system32\SearchFolder.dll
2014-06-14 15:14:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-06-14 15:14:01 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-06-14 15:14:01 ----A---- C:\Windows\system32\mfcore.dll
2014-06-14 15:14:00 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-06-14 15:14:00 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-06-14 15:14:00 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-06-14 15:14:00 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-06-14 15:14:00 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-06-14 15:14:00 ----A---- C:\Windows\system32\Windows.Media.dll
2014-06-14 15:14:00 ----A---- C:\Windows\system32\win32k.sys
2014-06-14 15:14:00 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-14 15:14:00 ----A---- C:\Windows\system32\lsasrv.dll
2014-06-14 15:14:00 ----A---- C:\Windows\system32\localspl.dll
2014-06-14 15:13:59 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-06-14 15:13:59 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2014-06-14 15:13:59 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-06-14 15:13:59 ----A---- C:\Windows\system32\wmpmde.dll
2014-06-14 15:13:59 ----A---- C:\Windows\system32\winmde.dll
2014-06-14 15:13:59 ----A---- C:\Windows\system32\mfsvr.dll
2014-06-14 15:13:58 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-06-14 15:13:58 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-14 15:13:58 ----A---- C:\Windows\system32\services.exe
2014-06-14 15:13:58 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2014-06-14 15:13:58 ----A---- C:\Windows\system32\drivers\afd.sys
2014-06-14 15:13:58 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-06-14 15:13:57 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-06-14 15:13:57 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-06-14 15:13:57 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2014-06-14 15:13:57 ----A---- C:\Windows\system32\srvsvc.dll
2014-06-14 15:13:57 ----A---- C:\Windows\system32\MDEServer.exe
2014-06-14 15:13:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-06-14 15:13:57 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-06-14 15:13:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-06-14 15:13:56 ----A---- C:\Windows\SYSWOW64\winmde.dll
2014-06-14 15:13:56 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2014-06-14 15:13:56 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-06-14 15:13:56 ----A---- C:\Windows\system32\win32spl.dll
2014-06-14 15:13:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-06-14 15:13:55 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-06-14 15:13:55 ----AC---- C:\Windows\system32\drivers\msiscsi.sys
2014-06-14 15:13:55 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\MSVideoDSP.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-06-14 15:13:55 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\wscsvc.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\wintrust.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\VSSVC.exe
2014-06-14 15:13:55 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-14 15:13:55 ----A---- C:\Windows\system32\swprv.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\rpchttp.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\resutils.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\rdpencom.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\propsys.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\ploptin.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\MSVideoDSP.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\mfps.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\mfpmp.exe
2014-06-14 15:13:55 ----A---- C:\Windows\system32\mfplat.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\mf.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\gpapi.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\energyprov.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\dwmapi.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\drivers\storport.sys
2014-06-14 15:13:55 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-06-14 15:13:55 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-06-14 15:13:55 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-06-14 15:13:55 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-06-14 15:13:55 ----A---- C:\Windows\system32\defragsvc.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\clusapi.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\audiosrv.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\AudioSes.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\AudioEng.dll
2014-06-14 15:13:55 ----A---- C:\Windows\system32\audiodg.exe
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-06-14 15:13:54 ----A---- C:\Windows\SYSWOW64\d3d8thk.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\wlansvc.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\wlansec.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\wlanmsm.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\wlanhlp.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\wlanapi.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\tsgqec.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\tlscsp.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\srcore.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\srclient.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\SkyDrive.exe
2014-06-14 15:13:54 ----A---- C:\Windows\system32\rstrui.exe
2014-06-14 15:13:54 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\mispace.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\BootMenuUX.dll
2014-06-14 15:13:54 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-14 15:13:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-06-14 15:13:26 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-06-14 15:13:26 ----A---- C:\Windows\system32\FntCache.dll
2014-06-14 15:13:26 ----A---- C:\Windows\system32\DWrite.dll
2014-06-14 15:13:26 ----A---- C:\Windows\system32\drvinst.exe
2014-06-14 15:13:26 ----A---- C:\Windows\system32\drvcfg.exe
2014-06-14 15:13:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-06-14 15:13:25 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-06-14 15:13:25 ----A---- C:\Windows\system32\WpcMon.exe
2014-06-14 15:13:25 ----A---- C:\Windows\system32\wpccpl.dll
2014-06-14 15:13:25 ----A---- C:\Windows\system32\Wpc.dll
2014-06-14 15:13:24 ----A---- C:\Windows\system32\drivers\wpcfltr.sys
2014-06-14 15:12:22 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-06-14 15:11:45 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-14 15:11:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-14 15:11:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-14 15:11:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-14 15:11:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-14 15:11:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-14 15:11:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-14 15:11:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-14 15:11:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-14 15:11:41 ----A---- C:\Windows\system32\iesetup.dll
2014-06-14 15:11:41 ----A---- C:\Windows\system32\iernonce.dll
2014-06-14 15:11:40 ----A---- C:\Windows\system32\msrating.dll

======List of files/folders modified in the last 1 month======

2014-07-10 14:45:15 ----RD---- C:\Program Files
2014-07-10 14:44:06 ----D---- C:\Windows\Prefetch
2014-07-10 14:42:00 ----D---- C:\Windows\Temp
2014-07-10 14:34:41 ----RD---- C:\Program Files (x86)
2014-07-10 14:28:30 ----D---- C:\ProgramData\Package Cache
2014-07-10 14:28:29 ----SHD---- C:\Windows\Installer
2014-07-10 14:28:25 ----D---- C:\Windows\SysWOW64
2014-07-10 14:28:25 ----D---- C:\Program Files (x86)\Avira
2014-07-10 14:08:58 ----RD---- C:\Windows\System32
2014-07-10 14:08:58 ----D---- C:\Windows\Inf
2014-07-10 14:08:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-10 13:26:21 ----D---- C:\Windows
2014-07-10 13:20:03 ----D---- C:\Windows\CbsTemp
2014-07-10 13:14:04 ----D---- C:\Windows\system32\config
2014-07-10 13:13:12 ----D---- C:\Windows\Tasks
2014-07-10 13:11:06 ----D---- C:\Windows\system32\drivers
2014-07-10 13:11:04 ----HD---- C:\Windows\system32\GroupPolicy
2014-07-10 13:11:04 ----HD---- C:\ProgramData
2014-07-10 13:11:04 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-07-10 13:10:49 ----D---- C:\Windows\system32\catroot2
2014-07-10 13:04:53 ----D---- C:\Windows\WinSxS
2014-07-10 13:04:51 ----D---- C:\Windows\system32\wbem
2014-07-10 13:04:07 ----D---- C:\Windows\WinStore
2014-07-10 13:04:07 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-07-10 13:04:07 ----D---- C:\Windows\system32\nl-NL
2014-07-10 13:04:07 ----D---- C:\Program Files\Windows Journal
2014-07-10 13:04:07 ----D---- C:\Program Files\Internet Explorer
2014-07-10 13:04:07 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 13:04:04 ----RD---- C:\Windows\ToastData
2014-07-10 13:04:04 ----D---- C:\Windows\system32\Tasks
2014-07-10 13:04:04 ----D---- C:\Windows\system32\CodeIntegrity
2014-07-10 13:01:53 ----HD---- C:\Program Files\WindowsApps
2014-07-10 12:58:33 ----D---- C:\Windows\registration
2014-07-10 12:58:15 ----D---- C:\Windows\system32\Sysprep
2014-07-10 12:55:48 ----SHD---- C:\System Volume Information
2014-07-10 12:54:45 ----D---- C:\Windows\Logs
2014-07-10 12:40:47 ----D---- C:\Windows\system32\MRT
2014-07-10 12:00:00 ----D---- C:\Windows\system32\sru
2014-07-09 21:22:05 ----D---- C:\Windows\Microsoft.NET
2014-07-09 17:32:57 ----D---- C:\Windows\AppReadiness
2014-07-07 21:51:12 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-03 17:43:15 ----D---- C:\ProgramData\CyberLink
2014-07-03 14:10:25 ----SHD---- C:\$Recycle.Bin
2014-06-27 09:37:51 ----D---- C:\Program Files (x86)\Google
2014-06-27 09:35:02 ----D---- C:\Windows\system32\drivers\UMDF
2014-06-18 21:54:23 ----D---- C:\Windows\rescache
2014-06-18 12:57:57 ----D---- C:\Windows\system32\DriverStore
2014-06-15 21:18:57 ----D---- C:\Windows\SYSWOW64\migration
2014-06-15 21:18:55 ----D---- C:\Windows\system32\migration
2014-06-15 21:18:47 ----RD---- C:\Windows\ImmersiveControlPanel
2014-06-15 21:18:47 ----D---- C:\Windows\system32\oobe
2014-06-15 21:18:47 ----D---- C:\Windows\system32\drivers\nl-NL
2014-06-14 19:57:57 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem21.inf,%service_desc%;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-16 644968]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-05-09 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-05-09 28600]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [2014-05-18 36240]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-05-09 112080]
R3 Accelerometer;@oem21.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2013-03-05 41408]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-08 4187648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-06 3707864]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-10-03 27032]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 netr28x;@oem26.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-11-26 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 rtbth;@oem24.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\Windows\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-08-16 830680]
R3 RTSPER;@oem9.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-08-22 429272]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-07-26 34544]
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-07-26 524016]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-10-03 39320]
S3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-10-08 449528]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-07-26 30448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-05-09 430160]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-07-07 141392]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 Cachedrv server; HP SimplePass Cachedrv Service; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [2013-10-14 109568]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-10-18 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-10-18 298760]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-12-16 92160]
R2 hpsrv;@oem21.inf,%hpservice_desc%;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-12-25 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2013-10-14 87552]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-10-17 289496]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-09-10 1129760]
S2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-05-09 430160]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 116648]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-25 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-23 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2013-08-22 37768]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2013-08-22 37768]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-05-09 1039952]
S4 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-04-08 2470688]

-----------------EOF-----------------