Logfile of random's system information tool 1.10 (written by random/random)
Run by lukas_000 at 2014-06-12 10:56:19
Microsoft Windows 8.1
System drive C: has 18 GB (30%) free of 59 GB
Total RAM: 8148 MB (76% free)

HijackThis download failed

======Listing Processes======

wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe" -r
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
dashost.exe {c5798262-801e-45ba-a75ae7c9d2f1bbcb}
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\webget\updatewebget.exe"
"C:\Program Files (x86)\webget\bin\utilwebget.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-debbb353-bc2f-4104-a0b6-4fc4868d2784 -SystemEventPortName:HostProcess-5c7bbe15-11fc-4830-a61e-fef789f80944 -IoCancelEventPortName:HostProcess-8107928a-69ef-41ab-92fc-c4c561ac0c14 -NonStateChangingEventPortName:HostProcess-34533263-6bad-42a9-8f6a-c2a7ca26bb49 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1069c4eb-b3c2-46ed-b8ff-a8a73ec053fb -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe" -hidden /prefetch:1
C:\Windows\Explorer.EXE
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\webget\bin\webget.PurBrowse64.exe" /l false /s false /c "webget" /t "C:\Program Files (x86)\webget\bin\TEMP" /i "http://apiwebwebgetcom-a.akamaihd.net/gsrs?is=isgiwhNL&bp=PB&g=00000000-0000-0000-0000-000000000000" /d {55685567-4840-4a91-962b-49a412e9485a}w64 /p 6b2a4dee-c8bc-48b6-af9f-65359e9a37f6:chrome /p a444e369-8ed9-462f-bd91-36196f13dd66:iexplore
\??\C:\Windows\system32\conhost.exe 0x4 /c 6b2a4dee-c8bc-48b6-af9f-65359e9a37f6 /i a444e369-8ed9-462f-bd91-36196f13dd66 /s /z "n=webget&is=isgiwhNL&dpt=21"
taskhostex.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\joost\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5828.0.1257580410\956786035" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x118e --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3165 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_40/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5828.1.1522383840\1183500870" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_40/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5828.2.1849074211\164566324" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5828.4.1009143574\184572696" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\WinStore\WSHost.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"K:\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AppCloudUpdater.job - C:\Users\LUKAS_~1\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE /Check
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MySearchDial.job - C:\Users\joost\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE /Check

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-29 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-29 1499968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-29 550080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-05-21 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-29 996544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-29 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-29 1238336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-29 455360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc264a72-fa75-4948-b881-ea8eff8e5dd2}]
webget - C:\Program Files (x86)\webget\webgetbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-29 798912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-21 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-21 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-21 769520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\joost\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-05-16 1176632]
"Spotify"=C:\Users\joost\AppData\Roaming\Spotify\Spotify.exe [2014-05-16 6170168]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-09-23 490760]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-11 95192]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-05-13 3814736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-17 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ConfirmFileDelete"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-12 10:56:19 ----D---- C:\rsit
2014-06-12 10:56:19 ----D---- C:\Program Files\trend micro
2014-06-12 10:40:37 ----SD---- C:\Windows\SYSWOW64\Microsoft
2014-06-12 09:58:44 ----RD---- C:\Windows\BrowserChoice
2014-06-12 09:08:18 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-06-12 09:08:18 ----A---- C:\Windows\system32\poqexec.exe
2014-06-12 09:03:15 ----A---- C:\Windows\system32\winresume.exe
2014-06-12 09:03:15 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2014-06-12 09:03:15 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-06-12 09:03:15 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-06-12 09:03:14 ----A---- C:\Windows\system32\winload.exe
2014-06-12 09:03:10 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-06-12 09:03:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-06-12 09:03:09 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-06-12 09:03:09 ----A---- C:\Windows\system32\imagehlp.dll
2014-06-12 09:03:09 ----A---- C:\Windows\system32\d3d10warp.dll
2014-06-12 09:03:09 ----A---- C:\Windows\system32\d2d1.dll
2014-06-12 09:03:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-12 09:03:06 ----A---- C:\Windows\system32\msxml3.dll
2014-06-12 09:03:03 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-06-12 09:03:03 ----A---- C:\Windows\system32\msdrm.dll
2014-06-12 09:02:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-06-12 09:02:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-06-12 09:02:58 ----A---- C:\Windows\system32\KernelBase.dll
2014-06-12 09:02:58 ----A---- C:\Windows\system32\kernel32.dll
2014-06-12 09:02:45 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-06-12 09:02:45 ----A---- C:\Windows\system32\WMPhoto.dll
2014-06-11 20:07:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-06-11 20:07:44 ----A---- C:\Windows\system32\drivers\clfs.sys
2014-06-11 19:57:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 19:57:11 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 19:31:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-06-11 19:31:05 ----A---- C:\Windows\system32\qedit.dll
2014-06-11 18:46:58 ----A---- C:\Windows\SYSWOW64\pcaui.exe
2014-06-11 18:46:58 ----A---- C:\Windows\system32\pcaui.exe
2014-06-11 18:46:24 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-06-11 18:46:24 ----A---- C:\Windows\system32\scrrun.dll
2014-06-11 18:40:52 ----A---- C:\Windows\system32\mdmregistration.dll
2014-06-11 18:40:52 ----A---- C:\Windows\system32\MDMAgent.exe
2014-06-11 18:40:51 ----A---- C:\Windows\SYSWOW64\mdmregistration.dll
2014-06-11 18:40:35 ----A---- C:\Windows\system32\uDWM.dll
2014-06-11 18:05:25 ----D---- C:\Windows\system32\MRT
2014-05-28 17:28:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-28 17:28:41 ----A---- C:\Windows\system32\mshtml.dll
2014-05-28 17:28:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-28 17:28:40 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-27 18:31:54 ----A---- C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys
2014-05-20 17:52:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-05-20 17:52:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-05-15 20:02:53 ----A---- C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys
2014-05-14 21:24:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 21:24:07 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 21:17:40 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-05-13 18:54:12 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2014-05-13 18:54:07 ----D---- C:\ProgramData\Microsoft SkyDrive
2014-05-13 18:51:53 ----D---- C:\Program Files\Microsoft Office 15
2014-05-13 14:29:04 ----AH---- C:\Windows\system32\drivers\Hamdrv.sys

======List of files/folders modified in the last 1 month======

2014-06-12 10:56:40 ----RD---- C:\Windows\System32
2014-06-12 10:56:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-12 10:56:19 ----RD---- C:\Program Files
2014-06-12 10:56:10 ----D---- C:\Windows\Prefetch
2014-06-12 10:54:55 ----D---- C:\Windows\Microsoft.NET
2014-06-12 10:54:43 ----RSD---- C:\Windows\assembly
2014-06-12 10:54:22 ----D---- C:\Windows\Temp
2014-06-12 10:48:47 ----D---- C:\Windows\Inf
2014-06-12 10:43:42 ----D---- C:\Users\lukas_000\AppData\Roaming\Spotify
2014-06-12 10:43:21 ----A---- C:\Windows\win.ini
2014-06-12 10:43:15 ----D---- C:\ProgramData\Kaspersky Lab
2014-06-12 10:43:07 ----SHD---- C:\System Volume Information
2014-06-12 10:43:03 ----D---- C:\Windows
2014-06-12 10:43:03 ----D---- C:\ProgramData\AVAST Software
2014-06-12 10:40:51 ----D---- C:\Windows\system32\DriverStore
2014-06-12 10:40:50 ----D---- C:\Windows\system32\config
2014-06-12 10:40:49 ----D---- C:\Windows\system32\drivers
2014-06-12 10:40:37 ----D---- C:\Windows\SysWOW64
2014-06-12 10:39:54 ----D---- C:\Windows\system32\Tasks
2014-06-12 10:39:52 ----SHD---- C:\Windows\Installer
2014-06-12 10:39:50 ----SD---- C:\ProgramData\Microsoft
2014-06-12 10:39:50 ----D---- C:\Program Files (x86)\Microsoft
2014-06-12 10:38:00 ----D---- C:\Windows\WinSxS
2014-06-12 10:37:23 ----D---- C:\Windows\system32\Boot
2014-06-12 10:37:22 ----D---- C:\Windows\apppatch
2014-06-12 10:37:21 ----D---- C:\Program Files\Windows Defender
2014-06-12 10:37:20 ----D---- C:\Program Files (x86)\Windows Defender
2014-06-12 10:04:19 ----D---- C:\Windows\AppReadiness
2014-06-12 10:00:00 ----D---- C:\Windows\system32\sru
2014-06-12 09:59:00 ----D---- C:\Windows\CbsTemp
2014-06-12 09:58:57 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-06-12 09:58:57 ----D---- C:\Windows\system32\nl-NL
2014-06-12 09:58:32 ----D---- C:\Windows\system32\SecureBootUpdates
2014-06-12 09:58:22 ----D---- C:\Windows\system32\wbem
2014-06-12 09:38:37 ----D---- C:\Windows\system32\NDF
2014-06-12 09:09:49 ----HD---- C:\Program Files\WindowsApps
2014-06-11 20:15:51 ----D---- C:\ProgramData\Origin
2014-06-11 18:34:00 ----D---- C:\Program Files (x86)\Origin
2014-06-11 18:24:27 ----RD---- C:\Program Files (x86)
2014-06-11 18:24:27 ----D---- C:\Users\lukas_000\AppData\Roaming\Systweak
2014-06-11 18:24:26 ----HD---- C:\ProgramData
2014-06-11 18:24:12 ----D---- C:\Program Files (x86)\SearchProtect
2014-06-11 18:07:32 ----RD---- C:\Windows\ToastData
2014-06-06 19:03:52 ----D---- C:\ProgramData\Package Cache
2014-05-31 14:49:35 ----D---- C:\Windows\system32\wdi
2014-05-31 14:22:28 ----SD---- C:\Users\lukas_000\AppData\Roaming\Microsoft
2014-05-22 17:07:58 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-05-18 21:27:44 ----D---- C:\Program Files (x86)\webget
2014-05-13 18:53:49 ----D---- C:\Program Files (x86)\Common Files
2014-05-13 18:53:48 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-05-13 18:53:09 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-04-29 458336]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 dtsoftbus01;@oem19.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-05-05 283064]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-04-29 625760]
R1 KLIM6;@oem13.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-29 30304]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2014-04-29 65120]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-04-29 178272]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [2011-06-10 15160]
R3 EvolveVirtualAdapter;@oem14.inf,%EvolveVirtualAdapter.Service.DispName%;Evolve Virtual Miniport Driver; C:\Windows\system32\DRIVERS\evolve.sys [2014-04-28 21656]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\Windows\system32\DRIVERS\Hamdrv.sys [2014-05-13 46136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-04-29 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-29 29280]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 NVHDA;@oem10.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-10-23 12572960]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
R3 RtlWlanu;@netrtwlanu.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-07-31 1975000]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2014-04-29 29792]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-17 4177920]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-17 449528]
S3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-04-03 25816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACT2_Service;Ashampoo Core Tuner 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [2011-08-22 1421216]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]
R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-29 214512]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-16 2266296]
R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2013-03-11 74712]
R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2013-03-11 316376]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 2228048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 377616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-23 1364256]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-03 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 Update webget;Update webget; C:\Program Files (x86)\webget\updatewebget.exe [2014-06-12 317720]
R2 Util webget;Util webget; C:\Program Files (x86)\webget\bin\utilwebget.exe [2014-06-12 317720]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28 116648]
S2 MBAMScheduler;MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
S2 MBAMService;MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-21 279024]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2014-05-08 1579936]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]

-----------------EOF-----------------