Logfile of random's system information tool 1.10 (written by random/random)
Run by Gebruiker at 2015-12-19 15:53:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 116 GB (49%) free of 236 GB
Total RAM: 4010 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:19, on 19/12/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\AVG Web TuneUp\CefHost.exe
C:\Program Files (x86)\AVG Web TuneUp\CefHost.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
C:\Program Files\trend micro\Gebruiker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Gebruiker\AppData\Roaming\Slick Savings\Coupons.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.1.951\AVG Web TuneUp.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Gebruiker\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKLM\..\Policies\Explorer\Run: [BootRacer] "C:\Program Files (x86)\BootRacer\Bootrace.exe" /2
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-443520092-2441362985-2714935032-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-443520092-2441362985-2714935032-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_287_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_287_ActiveX.exe -update activex (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: BootRacerServ - Greatis Software, LLC - C:\Program Files (x86)\BootRacer\BootRacerServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.2.1 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 14776 bytes

======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\BootRacer\BootRacerServ.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3076288
\??\C:\Windows\system32\conhost.exe "16919400328113628571909145295-202575474364544466850995447815081826012111280050
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-640066346-2091290793-632899528-8860737291986372901-8334610592155943011129041808
WLIDSvcM.exe 2600
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {593F8654-4CD7-4821-ACBD-319D0904084B}
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe" hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe"
ctfmon.exe
"C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6704 CREDAT:275457 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" /medium
"CefHost.exe"
C:\Windows\system32\DllHost.exe /Processid:{49F171DD-B51A-40D3-9A6C-52D674CC729D}
"C:\Program Files (x86)\AVG Web TuneUp\CefHost.exe" --type=renderer --no-sandbox --user-agent="Mozilla/4.0 (compatible; MSIE 9.11.9600.18097; Windows NT 6.1)" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="6324.1.698266793\2135208094" /prefetch:673131151
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\hkcmd.exe
C:\Windows\system32\igfxpers.exe
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\Windows\system32\conhost.exe "2086667259-486811973-1441636060957971188-7534302661700338594-1406089529-156170936
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /manual
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Gebruiker\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======
C:\Windows\tasks\1215tbUpdateInfo.job - C:\ProgramData\Avg_Update_1215tb\1215tb_{0BE80F86-F959-4C88-AB25-433C2F0893DC}.exe /SETINFO /CMPID=1215tb /INFORETRY=3 /RUNBY=UP
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001Core.job - C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001UA.job - C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-05-22 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Gebruiker\AppData\Roaming\Slick Savings\Coupons64.dll [2015-01-06 390608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Gebruiker\AppData\Roaming\Slick Savings\Coupons.dll [2015-01-06 354256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.2.1.951\AVG Web TuneUp.dll [2015-12-05 2411920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17 1236992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-01 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-01 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-09-02 13672152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BootRacer"=C:\Program Files (x86)\BootRacer\Bootrace.exe [2014-04-23 3843344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-09-19 39408]
"Google Update"=C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2015-04-08 2429728]
"Google Photos Backup"=C:\Users\Gebruiker\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2015-10-13 3787080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Extensions]
C:\Users\Gebruiker\AppData\Roaming\Slick Savings\CouponsHelper.exe [2015-01-06 544720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slick Savings]
C:\Users\Gebruiker\AppData\Roaming\Slick Savings\CouponsHelper.exe [2015-01-06 544720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2015-12-05 2819984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2011-01-13 1138464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-10-30 3780008]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2015-12-05 2819984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BootRacer"=C:\Program Files (x86)\BootRacer\Bootrace.exe [2014-04-23 3843344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-12-17 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-19 15:26:38 ----D---- C:\Program Files\trend micro
2015-12-19 15:26:27 ----D---- C:\rsit
2015-12-16 20:48:42 ----D---- C:\IObit
2015-12-05 12:35:23 ----D---- C:\Program Files\Common Files\AVG Secure Search
2015-11-21 22:10:03 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-21 22:09:13 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-21 22:09:12 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-21 22:09:12 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-21 22:09:12 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-21 22:09:12 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-21 22:09:12 ----A---- C:\Windows\system32\wucltux.dll
2015-11-21 22:09:12 ----A---- C:\Windows\system32\wuapi.dll
2015-11-21 22:09:12 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-21 22:09:11 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-21 22:09:11 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-21 22:09:11 ----A---- C:\Windows\system32\wups2.dll
2015-11-21 22:09:11 ----A---- C:\Windows\system32\wups.dll
2015-11-21 22:09:11 ----A---- C:\Windows\system32\wudriver.dll
2015-11-21 22:09:11 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-21 22:09:11 ----A---- C:\Windows\system32\wuapp.exe
2015-11-21 22:09:11 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-21 22:07:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-21 22:07:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-21 22:07:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-21 22:07:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-21 22:07:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-21 22:07:53 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-21 22:07:53 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-21 22:07:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-21 22:07:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-21 22:07:52 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-21 22:07:52 ----A---- C:\Windows\system32\iernonce.dll
2015-11-21 22:07:51 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-21 22:07:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-21 22:07:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-21 22:07:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-21 22:07:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-21 22:07:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-21 22:07:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-21 22:07:45 ----A---- C:\Windows\system32\occache.dll
2015-11-21 22:07:44 ----A---- C:\Windows\system32\urlmon.dll
2015-11-21 22:07:44 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-21 22:07:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-21 22:07:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-21 22:07:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-21 22:07:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-21 22:07:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-21 22:07:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-21 22:07:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-21 22:07:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-21 22:07:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-21 22:07:37 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-21 22:07:37 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-21 22:07:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-21 22:07:35 ----A---- C:\Windows\system32\iesetup.dll
2015-11-21 22:07:34 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-21 22:07:32 ----A---- C:\Windows\system32\iertutil.dll
2015-11-21 22:07:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-21 22:07:29 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-21 22:07:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-21 22:07:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-21 22:07:28 ----A---- C:\Windows\system32\vbscript.dll
2015-11-21 22:07:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-21 22:07:27 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-21 22:07:24 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-21 22:07:23 ----A---- C:\Windows\system32\ieui.dll
2015-11-21 22:07:23 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-21 22:07:22 ----A---- C:\Windows\system32\ieframe.dll
2015-11-21 22:07:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-21 22:07:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-21 22:07:19 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-21 22:07:18 ----A---- C:\Windows\system32\webcheck.dll
2015-11-21 22:07:18 ----A---- C:\Windows\system32\jscript.dll
2015-11-21 22:07:17 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-21 22:07:17 ----A---- C:\Windows\system32\jscript9.dll
2015-11-21 22:07:16 ----A---- C:\Windows\system32\wininet.dll
2015-11-21 22:07:15 ----A---- C:\Windows\system32\msrating.dll
2015-11-21 22:07:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-21 22:07:13 ----A---- C:\Windows\system32\mshtml.dll
2015-11-21 22:05:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-21 22:05:39 ----A---- C:\Windows\system32\schannel.dll
2015-11-21 22:05:38 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-21 22:05:38 ----A---- C:\Windows\system32\kerberos.dll
2015-11-21 22:05:38 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-21 22:05:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-21 22:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-21 22:05:36 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-21 22:05:35 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-21 22:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-21 22:05:35 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-21 22:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-21 22:05:35 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-21 22:05:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-21 22:05:34 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-21 22:05:34 ----A---- C:\Windows\system32\kernel32.dll
2015-11-21 22:05:33 ----A---- C:\Windows\system32\ntdll.dll
2015-11-21 22:05:32 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-21 22:05:31 ----A---- C:\Windows\system32\wow64.dll
2015-11-21 22:05:31 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-21 22:05:30 ----A---- C:\Windows\system32\winsrv.dll
2015-11-21 22:05:30 ----A---- C:\Windows\system32\srcore.dll
2015-11-21 22:05:30 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-21 22:05:30 ----A---- C:\Windows\system32\conhost.exe
2015-11-21 22:05:29 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-21 22:05:29 ----A---- C:\Windows\system32\wdigest.dll
2015-11-21 22:05:29 ----A---- C:\Windows\system32\rstrui.exe
2015-11-21 22:05:29 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-21 22:05:27 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-21 22:05:27 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-21 22:05:27 ----A---- C:\Windows\system32\sspicli.dll
2015-11-21 22:05:27 ----A---- C:\Windows\system32\smss.exe
2015-11-21 22:05:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-21 22:05:26 ----A---- C:\Windows\system32\lsass.exe
2015-11-21 22:05:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-21 22:05:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-21 22:05:25 ----A---- C:\Windows\system32\auditpol.exe
2015-11-21 22:05:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-21 22:05:24 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-21 22:05:24 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-21 22:05:24 ----A---- C:\Windows\system32\srclient.dll
2015-11-21 22:05:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-21 22:05:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-21 22:05:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-21 22:05:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-21 22:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-21 22:05:23 ----A---- C:\Windows\system32\secur32.dll
2015-11-21 22:05:23 ----A---- C:\Windows\system32\credssp.dll
2015-11-21 22:05:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-21 22:05:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-21 22:05:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-21 22:05:22 ----A---- C:\Windows\system32\wow64win.dll
2015-11-21 22:05:22 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-21 22:05:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-21 22:05:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-21 22:05:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-21 22:05:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-21 22:05:21 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-21 22:05:21 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-21 22:05:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-21 22:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-21 22:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-21 22:05:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-21 22:05:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-21 22:05:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-21 22:05:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-21 22:05:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-21 22:05:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-21 22:05:15 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-21 22:05:15 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-21 22:05:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-21 22:05:14 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-21 22:05:14 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-21 22:05:14 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-21 22:05:14 ----A---- C:\Windows\system32\adtschema.dll
2015-11-21 22:05:13 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-21 22:05:13 ----A---- C:\Windows\system32\msaudite.dll
2015-11-21 22:05:12 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-21 22:05:12 ----A---- C:\Windows\system32\msobjs.dll
2015-11-21 22:03:13 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-21 22:03:13 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-21 22:03:08 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-21 22:03:08 ----A---- C:\Windows\system32\apphelp.dll
2015-11-21 22:03:07 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-21 22:03:07 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-21 22:03:06 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-21 22:03:06 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-21 22:03:06 ----A---- C:\Windows\system32\shimeng.dll
2015-11-21 22:03:03 ----A---- C:\Windows\system32\win32k.sys
2015-11-21 22:02:38 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-21 22:02:38 ----A---- C:\Windows\system32\InkEd.dll
2015-11-21 22:02:32 ----A---- C:\Windows\system32\jnwmon.dll

======List of files/folders modified in the last 1 month======

2015-12-19 15:52:07 ----D---- C:\Windows\Temp
2015-12-19 15:50:53 ----D---- C:\Windows\winsxs
2015-12-19 15:50:49 ----D---- C:\Windows\system32\catroot
2015-12-19 15:50:47 ----D---- C:\Windows\system32\catroot2
2015-12-19 15:50:13 ----RSD---- C:\Windows\Fonts
2015-12-19 15:48:49 ----SHD---- C:\System Volume Information
2015-12-19 15:48:11 ----D---- C:\Windows\inf
2015-12-19 15:48:02 ----D---- C:\Windows
2015-12-19 15:35:00 ----SHD---- C:\Windows\Installer
2015-12-19 15:35:00 ----HD---- C:\Config.Msi
2015-12-19 15:34:55 ----D---- C:\Windows\Microsoft.NET
2015-12-19 15:28:22 ----D---- C:\Windows\SysWOW64
2015-12-19 15:28:22 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-19 15:28:09 ----D---- C:\Windows\System32
2015-12-19 15:28:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-19 15:27:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-19 15:26:38 ----RD---- C:\Program Files
2015-12-19 15:05:53 ----D---- C:\ProgramData\MFAData
2015-12-19 15:04:40 ----D---- C:\ProgramData\IObit
2015-12-19 15:03:19 ----A---- C:\prefs.js
2015-12-19 15:02:57 ----A---- C:\Windows\SYSWOW64\log.txt
2015-12-19 15:00:48 ----D---- C:\Windows\system32\config
2015-12-19 14:59:44 ----D---- C:\Program Files (x86)\BootRacer
2015-12-19 14:59:06 ----D---- C:\Windows\Tasks
2015-12-19 14:59:06 ----D---- C:\Windows\system32\wfp
2015-12-19 14:59:06 ----D---- C:\Program Files\Internet Explorer
2015-12-19 14:59:05 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-12-19 14:58:58 ----D---- C:\Windows\system32\wbem
2015-12-19 14:57:59 ----D---- C:\Windows\system32\DriverStore
2015-12-19 14:57:58 ----D---- C:\Windows\SYSWOW64\wbem
2015-12-19 14:57:58 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-12-19 14:57:58 ----D---- C:\Windows\SYSWOW64\en-US
2015-12-19 14:57:58 ----D---- C:\Windows\system32\nl-NL
2015-12-19 14:57:58 ----D---- C:\Windows\system32\en-US
2015-12-19 14:57:58 ----D---- C:\Windows\system32\drivers
2015-12-19 14:57:58 ----D---- C:\Windows\PolicyDefinitions
2015-12-19 14:57:58 ----D---- C:\Windows\ehome
2015-12-19 14:57:58 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-19 14:57:43 ----D---- C:\Windows\system32\Tasks
2015-12-19 14:57:42 ----SD---- C:\Windows\system32\GWX
2015-12-19 14:57:42 ----D---- C:\Windows\system32\Macromed
2015-12-19 14:57:42 ----D---- C:\Windows\system32\CodeIntegrity
2015-12-19 14:57:42 ----D---- C:\Windows\servicing
2015-12-19 14:57:40 ----D---- C:\ProgramData\WinClon
2015-12-19 14:57:39 ----D---- C:\ProgramData\AVG Secure Search
2015-12-19 14:57:39 ----D---- C:\Program Files\Microsoft Silverlight
2015-12-19 14:57:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-12-19 14:57:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-19 14:56:13 ----D---- C:\Windows\registration
2015-12-19 14:54:55 ----RSD---- C:\Windows\assembly
2015-12-19 14:54:46 ----RD---- C:\Users
2015-12-19 14:53:45 ----D---- C:\Leny
2015-12-13 23:36:59 ----D---- C:\ProgramData\BootRacer
2015-12-12 19:55:04 ----D---- C:\Windows\Prefetch
2015-12-12 19:23:12 ----D---- C:\Windows\SoftwareDistribution
2015-12-12 19:21:01 ----D---- C:\Windows\debug
2015-12-05 12:36:33 ----HD---- C:\ProgramData
2015-12-05 12:35:23 ----D---- C:\Program Files\Common Files
2015-12-04 20:53:18 ----D---- C:\Program Files (x86)
2015-12-04 16:58:34 ----D---- C:\ProgramData\ProductData
2015-11-28 20:09:25 ----D---- C:\Windows\rescache
2015-11-22 11:33:38 ----D---- C:\Windows\AppPatch
2015-11-22 11:33:37 ----D---- C:\Windows\system32\migration
2015-11-22 10:06:47 ----D---- C:\ProgramData\Microsoft Help
2015-11-22 09:46:07 ----D---- C:\Program Files\Windows Journal

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-08-19 297904]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-01-27 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-08-04 300464]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 BCM43XX;Stuurprogramma voor Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-01-14 349736]
R3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2011-01-14 106536]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2011-01-14 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-01-14 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-01-14 21416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-11-10 31088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-12-17 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-09-02 3962840]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-09-02 452088]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-02 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-10-25 941784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-04 1413680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-02-15 19456]
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2011-04-13 15144]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-02-15 57856]
S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-10-30 335656]
R2 BootRacerServ;BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [2014-04-30 65296]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-01-13 956192]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-01-26 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-27 2009704]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 vToolbarUpdater40.2.1;vToolbarUpdater40.2.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\ToolbarUpdater.exe [2015-12-05 1926544]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-08-08 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-19 269504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------