Logfile of random's system information tool 1.10 (written by random/random) Run by user at 2014-11-19 19:01:47 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 79 GB (65%) free of 123 GB Total RAM: 4008 MB (59% free) ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\windows\system32\services.exe winlogon.exe C:\windows\system32\lsass.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1860 "taskhost.exe" "C:\windows\system32\Dwm.exe" C:\windows\Explorer.EXE "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" C:\windows\system32\SearchIndexer.exe /Embedding C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4d35baf0-4327-4f0f-bdf5-b252ca52a808 -SystemEventPortName:HostProcess-2ee166b4-f6ef-4ce2-8b0d-a7f378518b59 -IoCancelEventPortName:HostProcess-152b8729-1e3d-40df-8279-14cab4bba019 -NonStateChangingEventPortName:HostProcess-36b8d2d4-d550-4f86-b8c1-c686e010c206 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ba7ea12-07ec-44fe-98b1-e390cf4e4131 -DeviceGroupId:WpdFsGroup C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:791904 /prefetch:2 "C:\windows\System32\MsSpellCheckingFacility.exe" -Embedding "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:3872089 /prefetch:2 C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\wbem\wmiprvse.exe "C:\Program Files\trend micro\user.exe" /silentautolog taskmgr.exe /3 C:\windows\System32\svchost.exe -k WerSvcGroup "C:\Users\user\Desktop\RSITx64.exe" C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgm9jccl.default prefs.js - "browser.search.useDBForOrder" - false prefs.js - "browser.startup.homepage" - "http://www.google.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.223 Plugin "Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.223 Plugin "Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-08-15 7288424] "IgfxTray"=C:\windows\system32\igfxtray.exe [2012-03-20 170264] "HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-03-20 398616] "Persistence"=C:\windows\system32\igfxpers.exe [2012-03-20 439064] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2014-01-21 4411952] "vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\windows\system32\igfxdev.dll [2012-03-20 434688] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-11-19 18:58:18 ----D---- C:\rsit 2014-11-19 18:58:18 ----D---- C:\Program Files\trend micro 2014-11-19 17:58:38 ----D---- C:\Program Files (x86)\Trend Micro 2014-11-18 23:02:09 ----A---- C:\windows\SYSWOW64\pku2u.dll 2014-11-18 23:02:09 ----A---- C:\windows\SYSWOW64\kerberos.dll 2014-11-18 23:02:09 ----A---- C:\windows\system32\pku2u.dll 2014-11-18 23:02:09 ----A---- C:\windows\system32\kerberos.dll 2014-11-17 19:02:01 ----D---- C:\Users\user\AppData\Roaming\Panda Security 2014-11-17 18:13:23 ----D---- C:\Program Files (x86)\Panda Security 2014-11-17 18:06:43 ----D---- C:\ProgramData\Panda Security 2014-11-17 17:24:12 ----A---- C:\windows\system32\drivers\aswStm.sys 2014-11-17 17:24:11 ----A---- C:\windows\system32\drivers\aswVmm.sys 2014-11-17 17:24:10 ----A---- C:\windows\system32\drivers\aswSP.sys 2014-11-17 17:24:10 ----A---- C:\windows\system32\drivers\aswRvrt.sys 2014-11-17 17:24:09 ----A---- C:\windows\system32\drivers\aswMonFlt.sys 2014-11-17 17:24:08 ----A---- C:\windows\system32\drivers\aswHwid.sys 2014-11-17 17:24:06 ----A---- C:\windows\system32\drivers\aswRdr2.sys 2014-11-17 17:24:02 ----A---- C:\windows\system32\drivers\aswSnx.sys 2014-11-17 17:24:02 ----A---- C:\windows\system32\drivers\aswKbd.sys 2014-11-17 17:24:00 ----A---- C:\windows\system32\aswBoot.exe 2014-11-17 17:23:52 ----A---- C:\windows\avastSS.scr 2014-11-17 17:22:41 ----D---- C:\Program Files\AVAST Software 2014-11-14 18:05:18 ----A---- C:\windows\ntbtlog.txt 2014-11-14 00:40:04 ----A---- C:\windows\system32\generaltel.dll 2014-11-14 00:40:04 ----A---- C:\windows\system32\aepdu.dll 2014-11-14 00:40:03 ----A---- C:\windows\system32\aeinv.dll 2014-11-14 00:40:02 ----A---- C:\windows\SYSWOW64\sspicli.dll 2014-11-14 00:40:02 ----A---- C:\windows\SYSWOW64\secur32.dll 2014-11-14 00:40:02 ----A---- C:\windows\SYSWOW64\msaudite.dll 2014-11-14 00:40:02 ----A---- C:\windows\SYSWOW64\adtschema.dll 2014-11-14 00:40:02 ----A---- C:\windows\system32\termsrv.dll 2014-11-14 00:40:02 ----A---- C:\windows\system32\msaudite.dll 2014-11-14 00:40:02 ----A---- C:\windows\system32\lsasrv.dll 2014-11-14 00:40:02 ----A---- C:\windows\system32\drivers\ksecpkg.sys 2014-11-14 00:40:02 ----A---- C:\windows\system32\adtschema.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\urlmon.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\mshtmled.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\mshtml.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\msfeeds.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\iernonce.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\iedkcs32.dll 2014-11-14 00:39:58 ----A---- C:\windows\SYSWOW64\dxtrans.dll 2014-11-14 00:39:58 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll 2014-11-14 00:39:58 ----A---- C:\windows\system32\iernonce.dll 2014-11-14 00:39:58 ----A---- C:\windows\system32\ieetwproxystub.dll 2014-11-14 00:39:58 ----A---- C:\windows\system32\ieetwcollector.exe 2014-11-14 00:39:58 ----A---- C:\windows\system32\ie4uinit.exe 2014-11-14 00:39:57 ----A---- C:\windows\SYSWOW64\iesetup.dll 2014-11-14 00:39:57 ----A---- C:\windows\SYSWOW64\iertutil.dll 2014-11-14 00:39:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll 2014-11-14 00:39:57 ----A---- C:\windows\system32\urlmon.dll 2014-11-14 00:39:57 ----A---- C:\windows\system32\iedkcs32.dll 2014-11-14 00:39:56 ----A---- C:\windows\SYSWOW64\jsproxy.dll 2014-11-14 00:39:56 ----A---- C:\windows\SYSWOW64\jscript9diag.dll 2014-11-14 00:39:56 ----A---- C:\windows\SYSWOW64\ieUnatt.exe 2014-11-14 00:39:56 ----A---- C:\windows\SYSWOW64\ieui.dll 2014-11-14 00:39:56 ----A---- C:\windows\SYSWOW64\ieframe.dll 2014-11-14 00:39:56 ----A---- C:\windows\SYSWOW64\dxtmsft.dll 2014-11-14 00:39:56 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe 2014-11-14 00:39:56 ----A---- C:\windows\system32\msfeeds.dll 2014-11-14 00:39:56 ----A---- C:\windows\system32\iesetup.dll 2014-11-14 00:39:56 ----A---- C:\windows\system32\ieetwcollectorres.dll 2014-11-14 00:39:56 ----A---- C:\windows\system32\dxtrans.dll 2014-11-14 00:39:55 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll 2014-11-14 00:39:55 ----A---- C:\windows\SYSWOW64\jscript9.dll 2014-11-14 00:39:55 ----A---- C:\windows\system32\iertutil.dll 2014-11-14 00:39:55 ----A---- C:\windows\system32\ieapfltr.dll 2014-11-14 00:39:54 ----A---- C:\windows\SYSWOW64\wininet.dll 2014-11-14 00:39:54 ----A---- C:\windows\SYSWOW64\vbscript.dll 2014-11-14 00:39:54 ----A---- C:\windows\SYSWOW64\msrating.dll 2014-11-14 00:39:54 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll 2014-11-14 00:39:54 ----A---- C:\windows\system32\jsproxy.dll 2014-11-14 00:39:54 ----A---- C:\windows\system32\ieUnatt.exe 2014-11-14 00:39:54 ----A---- C:\windows\system32\ieui.dll 2014-11-14 00:39:54 ----A---- C:\windows\system32\ieframe.dll 2014-11-14 00:39:54 ----A---- C:\windows\system32\dxtmsft.dll 2014-11-14 00:39:53 ----A---- C:\windows\system32\vbscript.dll 2014-11-14 00:39:53 ----A---- C:\windows\system32\mshtmlmedia.dll 2014-11-14 00:39:53 ----A---- C:\windows\system32\mshtmled.dll 2014-11-14 00:39:53 ----A---- C:\windows\system32\jscript9diag.dll 2014-11-14 00:39:53 ----A---- C:\windows\system32\jscript9.dll 2014-11-14 00:39:52 ----A---- C:\windows\system32\wininet.dll 2014-11-14 00:39:52 ----A---- C:\windows\system32\msrating.dll 2014-11-14 00:39:52 ----A---- C:\windows\system32\MshtmlDac.dll 2014-11-14 00:39:52 ----A---- C:\windows\system32\mshtml.dll 2014-11-14 00:39:04 ----A---- C:\windows\SYSWOW64\msxml3r.dll 2014-11-14 00:39:04 ----A---- C:\windows\SYSWOW64\msxml3.dll 2014-11-14 00:39:04 ----A---- C:\windows\system32\msxml3r.dll 2014-11-14 00:39:04 ----A---- C:\windows\system32\msxml3.dll 2014-11-14 00:39:02 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL 2014-11-14 00:39:02 ----A---- C:\windows\system32\IMJP10K.DLL 2014-11-14 00:39:00 ----A---- C:\windows\SYSWOW64\AudioSes.dll 2014-11-14 00:39:00 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll 2014-11-14 00:39:00 ----A---- C:\windows\SYSWOW64\AudioEng.dll 2014-11-14 00:39:00 ----A---- C:\windows\system32\EncDump.dll 2014-11-14 00:39:00 ----A---- C:\windows\system32\audiosrv.dll 2014-11-14 00:39:00 ----A---- C:\windows\system32\AudioSes.dll 2014-11-14 00:39:00 ----A---- C:\windows\system32\AUDIOKSE.dll 2014-11-14 00:39:00 ----A---- C:\windows\system32\AudioEng.dll 2014-11-14 00:38:56 ----A---- C:\windows\SYSWOW64\wdigest.dll 2014-11-14 00:38:56 ----A---- C:\windows\SYSWOW64\TSpkg.dll 2014-11-14 00:38:56 ----A---- C:\windows\SYSWOW64\schannel.dll 2014-11-14 00:38:56 ----A---- C:\windows\SYSWOW64\ncrypt.dll 2014-11-14 00:38:56 ----A---- C:\windows\SYSWOW64\msv1_0.dll 2014-11-14 00:38:56 ----A---- C:\windows\SYSWOW64\credssp.dll 2014-11-14 00:38:56 ----A---- C:\windows\system32\wdigest.dll 2014-11-14 00:38:56 ----A---- C:\windows\system32\TSpkg.dll 2014-11-14 00:38:56 ----A---- C:\windows\system32\schannel.dll 2014-11-14 00:38:56 ----A---- C:\windows\system32\ncrypt.dll 2014-11-14 00:38:56 ----A---- C:\windows\system32\msv1_0.dll 2014-11-14 00:38:56 ----A---- C:\windows\system32\credssp.dll 2014-11-14 00:38:46 ----A---- C:\windows\SYSWOW64\packager.dll 2014-11-14 00:38:46 ----A---- C:\windows\system32\win32k.sys 2014-11-14 00:38:46 ----A---- C:\windows\system32\packager.dll 2014-11-14 00:37:29 ----A---- C:\windows\system32\msi.dll 2014-11-14 00:37:28 ----A---- C:\windows\SYSWOW64\msi.dll 2014-11-14 00:37:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll 2014-11-14 00:37:25 ----A---- C:\windows\system32\oleaut32.dll 2014-11-14 00:17:09 ----D---- C:\Users\user\AppData\Roaming\AVAST Software 2014-11-13 23:59:36 ----D---- C:\ProgramData\AVAST Software 2014-11-13 22:59:07 ----D---- C:\ProgramData\AVG2015 2014-11-13 18:00:16 ----D---- C:\AdwCleaner 2014-11-11 11:56:08 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-10-26 16:55:47 ----SHD---- C:\found.001 ======List of files/folders modified in the last 1 month====== 2014-11-19 19:01:28 ----D---- C:\windows\Prefetch 2014-11-19 18:58:18 ----RD---- C:\Program Files 2014-11-19 18:28:10 ----SD---- C:\Users\user\AppData\Roaming\Microsoft 2014-11-19 18:23:08 ----D---- C:\windows\Temp 2014-11-19 18:06:57 ----D---- C:\windows\system32\config 2014-11-19 18:00:47 ----D---- C:\windows\System32 2014-11-19 18:00:47 ----D---- C:\windows\inf 2014-11-19 18:00:47 ----A---- C:\windows\system32\PerfStringBackup.INI 2014-11-19 17:58:39 ----SHD---- C:\windows\Installer 2014-11-19 17:58:38 ----RD---- C:\Program Files (x86) 2014-11-19 17:58:27 ----SHD---- C:\System Volume Information 2014-11-19 15:39:03 ----D---- C:\windows\rescache 2014-11-19 15:09:09 ----D---- C:\windows\Microsoft.NET 2014-11-19 15:08:51 ----RSD---- C:\windows\assembly 2014-11-19 14:38:40 ----D---- C:\windows\winsxs 2014-11-19 14:36:59 ----SD---- C:\windows\system32\CompatTel 2014-11-19 14:36:58 ----D---- C:\windows\SYSWOW64\nl-NL 2014-11-19 14:36:58 ----D---- C:\windows\SysWOW64 2014-11-19 14:36:58 ----D---- C:\windows\system32\nl-NL 2014-11-19 14:36:58 ----D---- C:\Program Files\Internet Explorer 2014-11-19 14:36:57 ----D---- C:\windows\SYSWOW64\en-US 2014-11-19 14:36:57 ----D---- C:\windows\system32\en-US 2014-11-19 14:36:57 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-19 13:21:36 ----D---- C:\windows\system32\drivers 2014-11-18 22:53:37 ----D---- C:\windows\system32\wbem 2014-11-18 22:53:37 ----D---- C:\Windows 2014-11-18 22:52:59 ----D---- C:\windows\registration 2014-11-18 22:48:09 ----D---- C:\windows\Tasks 2014-11-18 22:48:09 ----D---- C:\windows\system32\wfp 2014-11-18 22:45:57 ----D---- C:\windows\system32\DriverStore 2014-11-18 22:45:57 ----D---- C:\windows\system32\catroot2 2014-11-18 22:45:52 ----HD---- C:\ProgramData 2014-11-18 22:45:52 ----D---- C:\ProgramData\MFAData 2014-11-18 22:45:52 ----D---- C:\ProgramData\McAfee Security Scan 2014-11-18 22:45:52 ----D---- C:\Program Files\McAfee Security Scan 2014-11-18 22:44:12 ----D---- C:\Program Files (x86)\AVG 2014-11-17 23:03:39 ----D---- C:\windows\debug 2014-11-17 17:24:40 ----D---- C:\windows\system32\catroot 2014-11-17 17:24:17 ----D---- C:\windows\system32\Tasks 2014-11-14 01:43:09 ----D---- C:\windows\system32\MRT 2014-11-14 01:41:48 ----A---- C:\windows\system32\MRT.exe 2014-11-14 01:26:09 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe 2014-11-14 00:30:31 ----D---- C:\windows\PolicyDefinitions 2014-11-14 00:30:30 ----D---- C:\windows\system32\Macromed 2014-11-14 00:30:30 ----D---- C:\windows\system32\CodeIntegrity 2014-11-14 00:30:30 ----D---- C:\Users\user\AppData\Roaming\AVG2013 2014-11-14 00:30:30 ----D---- C:\ProgramData\AVG2013 2014-11-14 00:30:30 ----D---- C:\ProgramData\AVG Web TuneUp 2014-11-14 00:30:30 ----D---- C:\ProgramData\AVG Secure Search 2014-11-14 00:30:30 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-11-14 00:30:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-14 00:30:29 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-14 00:30:29 ----D---- C:\Program Files (x86)\Common Files 2014-11-12 20:39:37 ----D---- C:\windows\SoftwareDistribution ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2013-10-23 45880] R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 246072] R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2014-04-15 240952] R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [2014-08-30 50976] R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-03-20 14745600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360] R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344] R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] S3 dc3d;MS Hardware Device Detection Driver; C:\windows\system32\drivers\dc3d.sys [2011-08-01 52584] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 NuidFltr;NUID filter driver; C:\windows\system32\drivers\NuidFltr.sys [2011-08-01 23960] S3 Point64;Microsoft IntelliPoint Filter Driver; C:\windows\system32\drivers\point64.sys [2011-08-01 45416] S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-08-30 1843736] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 LiveSafer;@C:\Program Files\LiveSafer\LiveSaferRes.dll,-149; C:\Program Files\LiveSafer\LiveSafer.exe [2012-06-18 125352] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14 267440] S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-20 276248] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-11 114288] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-06-18 1255736] S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------