Logfile of random's system information tool 1.10 (written by random/random)
Run by Marnick at 2015-01-25 14:17:07
Microsoft Windows 8.1 Pro
System drive C: has 10 GB (17%) free of 61 GB
Total RAM: 7757 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:17:14, on 25/01/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Puush\puush.exe
D:\Steam\Steam.exe
C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe
D:\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe
C:\Program Files (x86)\WizMouse\wizmouse.exe
C:\Program Files (x86)\POP Peeper\POPPeeper.exe
C:\Program Files (x86)\Kalender\Kalender.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Tools\DiskLED\Disk0\DiskLED.exe
C:\Tools\DiskLED\Disk1\DiskLED.exe
C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe
C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Program Files (x86)\Minibin\MiniBin.exe
C:\Users\Marnick\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Gridmove\GridMove.exe
C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\AnalogX\Maxmem\maxmem.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Marnick.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MiniBin] C:\Program Files (x86)\Minibin\MiniBin.exe
O4 - HKLM\..\Run: [Gridmove] C:\Program Files (x86)\Gridmove\GridMove.exe
O4 - HKLM\..\Run: [ProcessTamer] C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [puush] C:\Program Files (x86)\Puush\puush.exe
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [QuiteRSS] C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe
O4 - HKCU\..\Run: [RedshiftGUI] C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [SuperF4] "C:\Tools\SuperF4\SuperF4.exe"
O4 - HKCU\..\Run: [Kalender] C:\Program Files (x86)\Kalender\Kalender.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Meminfo] :"C:\Program Files (x86)\Meminfo\meminfo.exe"
O4 - HKCU\..\Run: [Pidgin] :"C:\Program Files (x86)\Pidgin\pidgin.exe"
O4 - HKCU\..\Run: [PerfMon] :C:\Program Files (x86)\PerfMon4x\PerfMon.exe
O4 - HKCU\..\Run: [CPU] :"C:\Tools\DiskLED\CPU\DiskLED.exe"
O4 - HKCU\..\Run: [Disk0] "C:\Tools\DiskLED\Disk0\DiskLED.exe"
O4 - HKCU\..\Run: [Disk1] "C:\Tools\DiskLED\Disk1\DiskLED.exe"
O4 - HKCU\..\Run: [Ethervane] "C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe"
O4 - HKCU\..\Run: [FARR] "C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe"
O4 - HKCU\..\Run: [Miniweb] :"C:\Tools\NTWind\Hidden Start\hstart.exe" /NOCONSOLE "C:\Tools\Miniweb\miniweb.exe"
O4 - HKCU\..\Run: [Networkup] "C:\Tools\DiskLED\NetworkUp\DiskLED.exe"
O4 - HKCU\..\Run: [Networkdown] "C:\Tools\DiskLED\NetworkDown\DiskLED.exe"
O4 - HKCU\..\Run: [VirtuaWin] :"C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe"
O4 - HKCU\..\Run: [Rainmeter] :"C:\Program Files\Rainmeter\Rainmeter.exe"
O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
O4 - HKCU\..\Run: [Mediakeys] "E:\Scripts\AHK\Mediakeys.ahk"
O4 - HKCU\..\Run: [RBTray] :"C:\Tools\RBTray 4.1\64bit\RBTray.exe"
O4 - HKCU\..\Run: [Thunderbird] :"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
O4 - Startup: Dropbox.lnk = Marnick\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Maxmem.lnk = C:\Program Files (x86)\AnalogX\Maxmem\maxmem.exe
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.1.0\ABService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files (x86)\GNU\GNUPG\dirmngr.exe
O23 - Service: Encrypting File System (EFS) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Program Files\Everything\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @oem50.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\unsignedthemes.exe
O23 - Service: @oem26.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem26.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\Windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

-- End of file - 10932 bytes

======Listing Processes======

wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\unsignedthemes.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-57bd4396-a13e-434d-84b0-39489b2d5a47 -SystemEventPortName:HostProcess-12c1bfc1-174e-4855-91a1-88e3b8355944 -IoCancelEventPortName:HostProcess-d1c816de-6dbf-4b21-a52a-e20dc607e29f -NonStateChangingEventPortName:HostProcess-2a96e79d-b50c-494d-a649-9fec0bfd703a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b437d148-17ce-47fb-989a-c9a8a4786019 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f000d37f-89ec-4b98-a06b-b55fb666481e -SystemEventPortName:HostProcess-59ac741e-5df6-4d46-b1d7-6e90023eba8c -IoCancelEventPortName:HostProcess-9c416a90-34d7-4a99-9fee-143ca3eea2d5 -NonStateChangingEventPortName:HostProcess-b3373d48-5a13-422c-8a60-d8994a6025ff -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:980d9bb4-e54d-49b3-8fb3-0ab119b2ed42 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f30d1081-5b17-44af-b69b-a859f1c1b063 -SystemEventPortName:HostProcess-2b425df4-aec7-4006-920b-71d76f3ab93c -IoCancelEventPortName:HostProcess-4c53de61-d130-44d7-84a7-a64b0f3c90c2 -NonStateChangingEventPortName:HostProcess-e2baa5c9-29d0-47c0-98b0-319bba15b03f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:227b19b2-4160-4293-bff2-73a6c3f80c86 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Everything\Everything.exe" -svc
dashost.exe {9792fa70-da87-49e0-95333b350696ffca}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe"
C:\Windows\system32\valWBFPolicyService.exe
C:\Windows\system32\valWbioSyncSvc.exe
C:\Windows\SysWOW64\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cd1d24da-7b46-4a61-ab85-0f5f9a4b2d88 -SystemEventPortName:HostProcess-503c4b2b-8ff5-4546-a0d3-a837361235bb -IoCancelEventPortName:HostProcess-8342847f-c438-49c9-b4aa-511d88347cc3 -NonStateChangingEventPortName:HostProcess-f8a85525-3b4f-47eb-8d26-80a271ab2e8f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0a2d467b-1133-4ba2-9863-09d072fc581f -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhostex.exe
"C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe" -start
C:\Tools\Sysinternals\procexp64.exe /T
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\Program Files\Everything\Everything.exe" -startup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files (x86)\Puush\puush.exe"
"D:\Steam\Steam.exe" -silent
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe"
"D:\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "D:\Steam\config\htmlcache" -cookiepath "D:\Steam\config\cookies" -steampid 4696 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --disable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe"
"C:\Program Files (x86)\WizMouse\wizmouse.exe" /admin
"C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min
"C:\Tools\SuperF4\SuperF4.exe"
"C:\Program Files (x86)\Kalender\Kalender.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Tools\DiskLED\Disk0\DiskLED.exe"
"C:\Tools\DiskLED\Disk1\DiskLED.exe"
"C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe"
"C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe"
"C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe" "E:\Scripts\AHK\Mediakeys.ahk"
"C:\Program Files (x86)\Minibin\MiniBin.exe"
"C:\Users\Marnick\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Gridmove\GridMove.exe"
"C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\AnalogX\Maxmem\maxmem.exe"
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Tor\tor.exe" --nt-service
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Q-Dir\Q-Dir.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"E:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default\extensions\
https-everywhere@eff.org
netvideohunter@netvideohunter.com
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
{8A6C82A1-F6C9-481a-AAE7-C96444C9A754}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{432dd630-7e03-4c97-9d62-b99f52df4fc2}]
Microsoft Web Test Recorder 12.0 Helper - C:\Program Files (x86)\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05 71520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Everything"=C:\Program Files\Everything\Everything.exe [2014-08-06 1441792]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-12-03 11733888]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"wdsmgr"=:C:\Program Files\ITknowledge24\Windows Defender Status Manager\wdsmgr.exe []
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"puush"=C:\Program Files (x86)\Puush\puush.exe [2014-06-28 567880]
"Steam"=D:\Steam\steam.exe [2015-01-23 1942720]
"QuiteRSS"=C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe [2015-01-18 3822592]
"RedshiftGUI"=C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe [2010-08-05 706560]
"POP Peeper"=C:\Program Files (x86)\POP Peeper\POPPeeper.exe [2011-11-16 1613824]
"SuperF4"=C:\Tools\SuperF4\SuperF4.exe [2010-10-23 47616]
"Kalender"=C:\Program Files (x86)\Kalender\Kalender.exe [2014-02-22 991232]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]
"Meminfo"=:C:\Program Files (x86)\Meminfo\meminfo.exe []
"Pidgin"=:C:\Program Files (x86)\Pidgin\pidgin.exe []
"PerfMon"=:C:\Program Files (x86)\PerfMon4x\PerfMon.exe []
"CPU"=:C:\Tools\DiskLED\CPU\DiskLED.exe []
"Disk0"=C:\Tools\DiskLED\Disk0\DiskLED.exe [2009-12-05 1677312]
"Disk1"=C:\Tools\DiskLED\Disk1\DiskLED.exe [2009-12-05 1677312]
"Ethervane"=C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe [2012-05-09 8906752]
"FARR"=C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe [2013-11-29 4689592]
"Miniweb"=:C:\Tools\NTWind\Hidden Start\hstart.exe /NOCONSOLE C:\Tools\Miniweb\miniweb.exe []
"Networkup"=C:\Tools\DiskLED\NetworkUp\DiskLED.exe [2009-12-05 1677312]
"Networkdown"=C:\Tools\DiskLED\NetworkDown\DiskLED.exe [2009-12-05 1677312]
"VirtuaWin"=:C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe []
"Rainmeter"=:C:\Program Files\Rainmeter\Rainmeter.exe []
"7 Taskbar Tweaker"=C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [2014-11-22 345088]
"Mediakeys"=E:\Scripts\AHK\Mediakeys.ahk [2015-01-19 89]
"RBTray"=:C:\Tools\RBTray 4.1\64bit\RBTray.exe []
"Thunderbird"=:C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MiniBin"=C:\Program Files (x86)\Minibin\MiniBin.exe [2014-03-21 71168]
"Gridmove"=C:\Program Files (x86)\Gridmove\GridMove.exe [2010-01-12 460157]
"ProcessTamer"=C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe [2009-03-27 163840]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-25 5227112]

C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Marnick\AppData\Roaming\Dropbox\bin\Dropbox.exe
Maxmem.lnk - C:\Program Files (x86)\AnalogX\Maxmem\maxmem.exe
Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"NoDispAppearancePage"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"EnableSecureUIAPaths"=0
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=1
"DisableCAD"=1
"EnableFirstLogonAnimation"=1
"NoDispCPL"=0
"SynchronousUserGroupPolicy"=1
"DisplayLastLogonInfo"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoPreviewPane"=1
"StartMenuLogOff"=0
"NoClose"=0
"NoTrayContextMenu"=0
"NoFolderOptions"=0
"NoViewContextMenu"=0
"TaskbarNoNotification"=0
"NoWinkeys"=0
"HideClock"=0
"HideSCANetwork"=0
"HideSCAVolume"=0
"TaskbarNoThumbnail"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRecentDocsNetHood"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\calc.exe]
"Debugger="C:\Tools\Precise Calc\preccalc64.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-25 14:17:07 ----D---- C:\rsit
2015-01-25 14:17:07 ----D---- C:\Program Files\trend micro
2015-01-25 04:18:08 ----D---- C:\Program Files\UltraDefrag
2015-01-25 04:17:46 ----D---- C:\Program Files\MyDefrag v4.3.1
2015-01-25 02:08:21 ----D---- C:\Users\Marnick\AppData\Roaming\Machete Lite
2015-01-25 02:08:17 ----D---- C:\Program Files (x86)\MacheteSoft
2015-01-25 00:26:08 ----D---- C:\Users\Marnick\AppData\Roaming\AVAST Software
2015-01-25 00:25:56 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-01-25 00:25:56 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-01-25 00:25:50 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-25 00:25:49 ----A---- C:\Windows\avastSS.scr
2015-01-25 00:25:09 ----D---- C:\Program Files\AVAST Software
2015-01-25 00:24:39 ----D---- C:\ProgramData\AVAST Software
2015-01-25 00:08:42 ----D---- C:\Users\Marnick\AppData\Roaming\Eusing
2015-01-25 00:08:40 ----D---- C:\Program Files (x86)\Eusing Free Registry Cleaner
2015-01-24 04:55:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-23 02:15:03 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-23 02:14:58 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-19 21:46:37 ----D---- C:\Program Files (x86)\AutoHotkey
2015-01-16 06:40:51 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-16 06:40:51 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-16 06:40:51 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-16 06:40:51 ----A---- C:\Windows\system32\wer.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-16 06:40:51 ----A---- C:\Windows\system32\profsvc.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\ncsi.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\EncDump.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-16 06:40:51 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-16 06:40:51 ----A---- C:\Windows\system32\ci.dll
2015-01-16 06:40:51 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-16 01:28:05 ----D---- C:\Program Files (x86)\Light
2015-01-12 15:16:34 ----D---- C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker
2015-01-12 06:44:18 ----D---- C:\Users\Marnick\AppData\Roaming\ClassicShell
2015-01-12 06:44:17 ----D---- C:\ProgramData\ClassicShell
2015-01-12 06:44:03 ----D---- C:\Program Files\Classic Shell
2015-01-12 06:22:32 ----A---- C:\Windows\system32\uxtheme.dll
2015-01-12 06:22:32 ----A---- C:\Windows\system32\uxinit.dll
2015-01-12 06:22:32 ----A---- C:\Windows\system32\themeui.dll
2015-01-12 04:31:01 ----D---- C:\Program Files (x86)\WinDirStat
2015-01-07 20:33:46 ----D---- C:\Users\Marnick\AppData\Roaming\QuickScan
2015-01-06 23:52:55 ----D---- C:\Users\Marnick\AppData\Roaming\Microsoft FxCop
2015-01-05 20:14:25 ----D---- C:\Users\Marnick\AppData\Roaming\VirtuaWin
2015-01-05 20:14:20 ----D---- C:\Program Files (x86)\VirtuaWin
2015-01-04 04:33:45 ----D---- C:\Users\Marnick\AppData\Roaming\VeraCrypt
2015-01-04 04:33:37 ----D---- C:\Program Files\VeraCrypt
2015-01-04 04:32:55 ----A---- C:\Windows\system32\drivers\veracrypt.sys
2015-01-04 04:16:38 ----D---- C:\Program Files (x86)\Google
2015-01-04 04:05:30 ----D---- C:\Program Files\Pale Moon
2015-01-02 01:21:09 ----D---- C:\Users\Marnick\AppData\Roaming\inkscape
2015-01-02 01:20:56 ----D---- C:\Program Files\Inkscape
2015-01-01 18:35:22 ----D---- C:\Users\Marnick\AppData\Roaming\Kodi
2015-01-01 18:35:06 ----D---- C:\Program Files (x86)\Kodi
2015-01-01 00:50:43 ----D---- C:\Program Files (x86)\PerfMon4x
2015-01-01 00:50:43 ----A---- C:\Windows\SYSWOW64\unicows.dll
2014-12-27 01:28:41 ----D---- C:\Program Files (x86)\GTK2-Runtime
2014-12-27 00:48:53 ----D---- C:\Users\Marnick\AppData\Roaming\.purple
2014-12-27 00:48:43 ----D---- C:\Program Files (x86)\Pidgin

======List of files/folders modified in the last 1 month======

2015-01-25 14:17:07 ----RD---- C:\Program Files
2015-01-25 14:15:02 ----D---- C:\Windows\Prefetch
2015-01-25 14:15:02 ----D---- C:\Users\Marnick\AppData\Roaming\POP Peeper
2015-01-25 14:08:51 ----D---- C:\Users\Marnick\AppData\Roaming\Skype
2015-01-25 14:00:00 ----D---- C:\Windows\system32\sru
2015-01-25 13:53:00 ----D---- C:\Windows\System32
2015-01-25 13:53:00 ----D---- C:\Windows\Inf
2015-01-25 13:53:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-25 13:47:27 ----D---- C:\Users\Marnick\AppData\Roaming\Dropbox
2015-01-25 13:47:02 ----D---- C:\Windows\system32\drivers
2015-01-25 13:46:39 ----D---- C:\ProgramData\Validity
2015-01-25 04:49:32 ----D---- C:\Users\Marnick\AppData\Roaming\Everything
2015-01-25 04:32:10 ----D---- C:\Users\Marnick\AppData\Roaming\XnViewMP
2015-01-25 04:30:28 ----D---- C:\Users\Marnick\AppData\Roaming\foobar2000
2015-01-25 02:12:46 ----D---- C:\Users\Marnick\AppData\Roaming\avidemux
2015-01-25 02:10:57 ----D---- C:\Tools
2015-01-25 02:08:17 ----SHD---- C:\Windows\Installer
2015-01-25 02:08:17 ----RD---- C:\Program Files (x86)
2015-01-25 01:34:13 ----D---- C:\Program Files\Defraggler
2015-01-25 00:26:07 ----D---- C:\ProgramData\Unchecky
2015-01-25 00:25:59 ----D---- C:\Windows\system32\DriverStore
2015-01-25 00:25:53 ----D---- C:\Windows\system32\Tasks
2015-01-25 00:25:50 ----D---- C:\Windows
2015-01-25 00:24:39 ----HD---- C:\ProgramData
2015-01-25 00:08:34 ----D---- C:\Windows\SysWOW64
2015-01-24 23:57:44 ----D---- C:\Windows\system32\config
2015-01-24 22:22:11 ----D---- C:\Windows\system32\catroot2
2015-01-24 22:19:30 ----D---- C:\Windows\system32\NDF
2015-01-24 22:17:05 ----D---- C:\Windows\WinSxS
2015-01-24 22:17:04 ----D---- C:\Windows\SoftwareDistribution
2015-01-24 22:16:59 ----D---- C:\Program Files (x86)\Bleachbit
2015-01-24 21:56:43 ----D---- C:\Users\Marnick\AppData\Roaming\Geek Uninstaller
2015-01-24 21:54:46 ----D---- C:\Users\Marnick\AppData\Roaming\UK's Kalender
2015-01-24 21:51:05 ----D---- C:\Users\Marnick\AppData\Roaming\Thunderbird
2015-01-24 21:44:35 ----D---- C:\Users\Marnick\AppData\Roaming\gnupg
2015-01-24 21:44:33 ----D---- C:\Users\Marnick\AppData\Roaming\SpaceEngineers
2015-01-24 21:44:33 ----D---- C:\Users\Marnick\AppData\Roaming\Mp3tag
2015-01-24 21:44:27 ----D---- C:\Windows\Temp
2015-01-24 21:44:27 ----D---- C:\Windows\debug
2015-01-24 21:36:08 ----SD---- C:\ProgramData\Microsoft
2015-01-24 20:27:42 ----D---- C:\Users\Marnick\AppData\Roaming\TS3Client
2015-01-24 20:13:57 ----D---- C:\Windows\IME
2015-01-24 20:13:04 ----D---- C:\Windows\Tasks
2015-01-24 13:58:19 ----D---- C:\Windows\system32\catroot
2015-01-24 12:23:11 ----SHD---- C:\System Volume Information
2015-01-24 12:19:15 ----D---- C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.1.0
2015-01-24 06:09:24 ----D---- C:\Windows\Microsoft.NET
2015-01-24 04:55:22 ----D---- C:\Windows\CbsTemp
2015-01-23 02:15:07 ----D---- C:\ProgramData\Oracle
2015-01-23 02:15:03 ----D---- C:\Program Files (x86)\Java
2015-01-23 02:14:59 ----D---- C:\Program Files\Java
2015-01-23 02:14:55 ----D---- C:\Program Files (x86)\Common Files
2015-01-19 21:46:37 ----D---- C:\Windows\ShellNew
2015-01-18 22:12:39 ----D---- C:\Users\Marnick\AppData\Roaming\Factorio
2015-01-18 14:53:49 ----D---- C:\Program Files (x86)\QuiteRSS
2015-01-18 02:50:25 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-16 06:44:33 ----D---- C:\Windows\system32\MRT
2015-01-16 06:41:15 ----A---- C:\Windows\system32\MRT.exe
2015-01-16 01:28:14 ----D---- C:\Users\Marnick\AppData\Roaming\Light
2015-01-15 18:17:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 04:06:16 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-15 02:21:21 ----D---- C:\Users\Marnick\AppData\Roaming\MultiBit
2015-01-15 01:41:11 ----D---- C:\Program Files (x86)\Foobar2000
2015-01-14 04:14:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-12 15:01:09 ----D---- C:\Program Files\Unlocker
2015-01-12 14:38:59 ----D---- C:\ProgramData\Package Cache
2015-01-12 06:11:42 ----D---- C:\Users\Marnick\AppData\Roaming\BleachBit
2015-01-08 04:48:12 ----D---- C:\Windows\AppReadiness
2015-01-08 04:48:11 ----HD---- C:\Program Files\WindowsApps
2015-01-08 00:44:56 ----D---- C:\Users\Marnick\AppData\Roaming\Audacity
2015-01-06 20:34:02 ----D---- C:\Windows\system32\drivers\etc
2015-01-06 04:30:06 ----D---- C:\Windows\TAPI
2015-01-06 03:05:55 ----D---- C:\Windows\Logs
2015-01-04 04:05:36 ----D---- C:\Users\Marnick\AppData\Roaming\Moonchild Productions
2014-12-27 01:13:50 ----D---- C:\Program Files (x86)\VideoLAN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-25 267632]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-11-13 31560]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-25 436624]
R1 SMIDriver;SMIDriver; C:\Windows\system32\drivers\smi.sys [2014-07-21 19760]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-11-24 916024]
R1 veracrypt;veracrypt; C:\Windows\System32\drivers\veracrypt.sys [2015-01-04 192344]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-25 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-25 116728]
R2 AWEAlloc;AWE Memory Allocation Driver; C:\Windows\system32\DRIVERS\awealloc.sys [2014-06-03 20536]
R2 ImDisk;ImDisk Virtual Disk Driver; C:\Windows\system32\DRIVERS\imdisk.sys [2014-06-19 42560]
R2 uxstyle;uxstyle; \??\C:\Windows\system32\Drivers\uxstyle.sys [2013-09-23 31440]
R3 BazisVirtualCDBus;@oem1.inf,%dev.SVCDESC%;WinCDEmu Virtual Bus Driver; C:\Windows\System32\drivers\BazisVirtualCDBus.sys [2011-08-08 198480]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network);
C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920] R3 btmaux;@oem39.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-10-30 131968] R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2013-10-15 1390904] R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112] R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2013-10-15 69088] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152] R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032] R3 MEIx64;@oem33.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-08-04 100312] R3 NETwNe64;@oem56.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\Windows\system32\DRIVERS\NETwew00.sys [2014-07-02 3351520] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-11-13 13213512] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-03-18 167424] R3 RSP2STOR;@oem30.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-08-04 291544] R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-08-22 873688] R3 SensorsSimulatorDriver;@oem17.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-10-29 226304] R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-04-07 31472] R3 SynTP;@oem11.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 554224] R3 
VBAudioVACAMME;@oem34.inf,%DeviceName% (WDM);VB-Audio Cable A (WDM); C:\Windows\system32\DRIVERS\vbaudio_cablea64_win7.sys [2013-07-22 41192] R3 VBAudioVACBMME;@oem36.inf,%DeviceName% (WDM);VB-Audio Cable B (WDM); C:\Windows\system32\DRIVERS\vbaudio_cableb64_win7.sys [2013-07-22 41192] R3 VBAudioVMVAIOMME;@oem24.inf,%DeviceName% (WDM);VB-Audio VoiceMeeter VAIO (WDM); C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [2014-08-09 41192] R3 vm331avs;@oem29.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2014-08-04 1065344] S3 AMPPAL;@oem44.inf,%AMPPAL.SVCDESC%;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\System32\drivers\AMPPAL.sys [2013-02-13 164832] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080] S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296] S3 KMWDFILTER;@oem3.inf,%HIDServiceDesc%;Eastern Times KM DRIVER; C:\Windows\System32\drivers\KMWDFILTER.sys [2009-12-04 20992] S3 LnvHIDHW;@oem21.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\Windows\System32\drivers\LnvHIDHW.sys [2014-04-07 29496] S3 PORTMON;PORTMON; \??\C:\Tools\Sysinternals\PORTMSYS.SYS [2014-12-21 28656] S3 RTL8187B;@oem66.inf,%RTL8187B.DeviceDesc.DispName%;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver; C:\Windows\system32\DRIVERS\wg111v3.sys [2009-11-18 446976] S3 RtlWlanu;@netrtwlanu.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-07-31 1975000] S3 usbser;@oem9.inf,%ServiceName%;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2014-11-04 33280] S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736] S3 VBAudioHFVAIOMME;@oem35.inf,%DeviceName% (WDM);VB-Audio 
Hi-Fi Cable (WDM); C:\Windows\system32\DRIVERS\vbaudio_hfvaio64_win7.sys [2014-08-05 33512] S3 VBAudioVACMME;@oem25.inf,%DeviceName% (WDM);VB-Audio Virtual Cable (WDM); C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [2013-07-11 41192] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 141600] S3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2013-07-24 34816] S4 nvvad_WaveExtensible;@oem49.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [] S4 RsFx0201;RsFx0201 Driver; C:\Windows\system32\DRIVERS\RsFx0201.sys [2012-10-19 336880] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-25 50344] R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-12-13 1120784] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-12-03 1148864] R2 Everything;Everything; C:\Program Files\Everything\Everything.exe [2014-08-06 1441792] R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] R2 IBMPMSVC;@oem50.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-11-14 84208] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032] R2 tor;Tor Win32 Service; C:\Program Files (x86)\Tor\tor.exe [2013-02-27 3233806] R2 Unchecky;Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [2015-01-21 126568] R2 UnsignedThemes;Unsigned Themes; C:\Windows\unsignedthemes.exe [2013-09-23 13824] R2 valWBFPolicyService;@oem26.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe 
[2014-07-24 49040] R2 valWbioSyncSvc;@oem26.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization; C:\Windows\system32\valWbioSyncSvc.exe [2014-07-24 32256] R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752] S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-03-02 977088] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24 267440] S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-15 50864] S3 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.1.0\ABService.exe [2014-11-26 29912] S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792] S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488] S3 DirMngr;DirMngr; C:\Program Files (x86)\GNU\GNUPG\dirmngr.exe [2013-10-07 218112] S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2014-02-19 142336] S3 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376] S3 ImDskSvc;ImDisk Virtual Disk Driver Helper; C:\Windows\system32\imdsksvc.exe [2014-06-19 18016] S3 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2014-04-17 22768] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-05 148592] S3 MSSQL$SQLSERVER2012;SQL Server (SQLSERVER2012); C:\Program Files\Microsoft SQL 
Server\MSSQL11.SQLSERVER2012\MSSQL\Binn\sqlservr.exe [2012-12-29 192000] S3 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912] S3 SQLAgent$SQLSERVER2012;SQL Server Agent (SQLSERVER2012); C:\Program Files\Microsoft SQL Server\MSSQL11.SQLSERVER2012\MSSQL\Binn\SQLAGENT.EXE [2012-12-29 612864] S3 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-02-11 269912] S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2014-05-15 130240] S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808] S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976] S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] -----------------EOF-----------------