Logfile of random's system information tool 1.10 (written by random/random)
Run by Art at 2014-11-15 18:09:55
Microsoft Windows 8.1
System drive C: has 40 GB (35%) free of 114 GB
Total RAM: 16311 MB (80% free)

HijackThis download failed

======Listing Processes======

wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe"
dashost.exe {a54dcf59-2e62-416e-ad821c9c7c332596}
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\system32\HPSIsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 32400e24-274b-4e4a-8d43-0ac2858e5437 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00001028
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WinLogon.exe -SpecialSession -hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
taskhostex.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2976.0.2010251272\1220379541" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,44 --gpu-vendor-id=0x10de --gpu-device-id=0x1187 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4448 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Control_R2_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="2976.6.906710522\2053477289" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Control_R2_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="2976.9.1883615508\1137035595" /prefetch:673131151
"C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe" -startup 0\\.\DISPLAY1 1\\.\DISPLAY2
"SmartHookTestApp.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.WindowsLive.Mail.wwa
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -ServerName:DefaultBrowserServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Control_R2_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="2976.12.2115064419\954188916" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Control_R2_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="2976.13.630332564\1104597937" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Control_R2_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="2976.15.927388424\849116610" /prefetch:673131151
"C:\Users\Art\AppData\Roaming\Spotify\spotify.exe"
"C:\Users\Art\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5424.0.71433803\1785636611" /prefetch:673131151
"C:\Users\Art\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5424.1.2483996\168712323" /prefetch:673131151
"C:\Users\Art\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5424.2.973537275\1141382" /prefetch:673131151
"C:\Users\Art\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5424.3.96441608\1096352993" /prefetch:673131151
"C:\Users\Art\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="5424.4.1969772113\621932489" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x1187 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4448 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Windows\system32\mspaint.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6492.9c5a9c0.806546690 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6492 "\\.\pipe\gecko-crash-server-pipe.6492" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe" --proxy-stub-channel=Flash10800.5800E9C0.17514 --host-broker-channel=Flash10800.5800E9C0.26940 --host-pid=10800 --host-npapi-version=27 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_15_0_0_223.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe" --channel=3724.003EF138.1528934458 --proxy-stub-channel=Flash10800.5800E9C0.17514 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_15_0_0_223.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe975_ Global\UsGthrCtrlFltPipeMssGthrPipe975 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
C:\Windows\splwow64.exe 12288
C:\Windows\System32\ThumbnailExtractionHost.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Art\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe#
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#

=========Mozilla firefox=========

ProfilePath - C:\Users\Art\AppData\Roaming\Mozilla\Firefox\Profiles\3zwxb9zh.default

prefs.js - "browser.startup.homepage" - "google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

C:\Users\Art\AppData\Roaming\Mozilla\Firefox\Profiles\3zwxb9zh.default\extensions\
abs@avira.com
de-DE@dictionaries.addons.mozilla.org
fr-dicollecte@dictionaries.addons.mozilla.org
marcoagpinto@mail.telepac.pt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\Users\Art\AppData\Local\Linkey\IEEXTE~1\iedll64.dll [2014-08-31 202256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-07 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\Users\Art\AppData\Local\Linkey\IEEXTE~1\iedll.dll [2014-08-31 175632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-07 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30 499608]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"GoogleChromeAutoLaunch_287D66581EE7059F7B1969EBA7B01E9B"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-10-22 854344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-08-04 30264]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-09-24 703736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-07 4085896]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-10-22 124208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dual Smart Solution.lnk - C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Users\Art\AppData\Local\Linkey\IEEXTE~1\iedll64.dll "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-15 18:08:49 ----D---- C:\rsit
2014-11-15 18:08:49 ----D---- C:\Program Files\trend micro
2014-11-07 08:57:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-25 17:25:38 ----D---- C:\Program Files (x86)\7-Zip
2014-10-25 14:11:24 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-10-25 14:10:51 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-10-25 14:10:11 ----D---- C:\Windows\LastGood
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-10-25 14:09:41 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvopencl.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvmcumd.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvinitx.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\NvIFR64.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvhdap64.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\NvFBC64.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvdispgenco6434448.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvdispco6434448.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvcuvid.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvcuda.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\nvcompiler.dll
2014-10-25 14:09:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-10-25 14:09:41 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

======List of files/folders modified in the last 1 month======

2014-11-15 18:09:45 ----D---- C:\Windows\Prefetch
2014-11-15 18:08:49 ----RD---- C:\Program Files
2014-11-15 18:08:40 ----D---- C:\Windows\Temp
2014-11-15 18:00:00 ----D---- C:\Windows\system32\sru
2014-11-15 17:50:32 ----SHD---- C:\System Volume Information
2014-11-15 17:46:12 ----D---- C:\Windows\Microsoft.NET
2014-11-15 17:38:12 ----D---- C:\Windows\SysWOW64
2014-11-15 17:32:31 ----D---- C:\Users\Art\AppData\Roaming\Spotify
2014-11-15 17:02:57 ----D---- C:\ProgramData\Package Cache
2014-11-15 17:02:56 ----SHD---- C:\Windows\Installer
2014-11-15 17:02:52 ----D---- C:\Program Files (x86)\Avira
2014-11-15 17:01:08 ----D---- C:\Windows\AppReadiness
2014-11-10 13:08:26 ----D---- C:\Windows\system32\Tasks
2014-11-08 23:40:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-08 23:40:15 ----RD---- C:\Program Files (x86)
2014-11-05 19:56:39 ----RD---- C:\Windows\System32
2014-11-05 19:56:39 ----D---- C:\Windows\Inf
2014-11-05 19:56:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-04 22:21:07 ----D---- C:\Windows\system32\DriverStore
2014-11-04 22:21:02 ----D---- C:\Windows\system32\drivers
2014-11-04 17:58:03 ----RSD---- C:\Windows\Fonts
2014-10-29 12:35:30 ----D---- C:\Windows\system32\config
2014-10-25 16:37:20 ----D---- C:\Users\Art\AppData\Roaming\vlc
2014-10-25 16:32:52 ----D---- C:\Windows\Tasks
2014-10-25 14:11:05 ----D---- C:\ProgramData\NVIDIA
2014-10-25 14:10:58 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-25 14:10:11 ----D---- C:\Windows
2014-10-22 17:40:04 ----D---- C:\Windows\rescache
2014-10-22 17:37:58 ----RSD---- C:\Windows\assembly
2014-10-22 15:58:17 ----D---- C:\Windows\WinSxS
2014-10-22 14:32:54 ----D---- C:\Windows\system32\MRT
2014-10-22 14:31:32 ----A---- C:\Windows\system32\MRT.exe
2014-10-18 20:01:16 ----D---- C:\Users\Art\AppData\Roaming\uTorrent
2014-10-18 20:01:15 ----D---- C:\ProgramData\smdmf
2014-10-16 17:54:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-10-16 17:54:03 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-10-16 17:54:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-10-16 17:54:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-10-16 17:54:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-10-16 17:54:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-10-16 17:54:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-10-16 17:54:03 ----A---- C:\Windows\system32\nvoglv64.dll
2014-10-16 17:54:03 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-10-16 17:54:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-10-16 15:11:40 ----A---- C:\Windows\system32\nvsvc64.dll
2014-10-16 15:11:40 ----A---- C:\Windows\system32\nvcpl.dll
2014-10-16 15:11:36 ----A---- C:\Windows\system32\nvvsvc.exe
2014-10-16 15:11:36 ----A---- C:\Windows\system32\nvsvcr.dll
2014-10-16 15:11:36 ----A---- C:\Windows\system32\nvshext.dll
2014-10-16 15:11:36 ----A---- C:\Windows\system32\nvmctray.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-07 224896]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-10-07 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-07 427360]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-09-24 131608]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-09-24 28600]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [2014-08-31 41872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-07 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-07 92008]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-09-24 119272]
R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\Windows\sysWOW64\drivers\npf_devolo.sys [2013-03-04 34048]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-18 11576]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Stuurprogramma I voor Intel(R) PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
R3 mvusbews;@oem17.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
R3 NVHDA;@oem29.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-16 197408]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-10-16 13190288]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem21.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
S3 AsrSetupDrv;AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys []
S3 dg_ssudbus;@oem31.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 LGDDCDevice;LGDDCDevice; \??\C:\Windows\system32\LGI2CDriver.sys []
S3 LGII2CDevice;LGII2CDevice; \??\C:\Windows\system32\LGPII2CDriver.sys []
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-09-24 431920]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-09-24 431920]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-07 50344]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-10-22 164656]
R2 DevoloNetworkService;devolo Network Service; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2014-05-14 3647992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-11-24 127800]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-10-16 933064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-10-16 410952]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-05 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-15 267440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-05 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 servervo;VO Service component; C:\Users\Art\AppData\Roaming\VOPackage\VOsrv.exe []

-----------------EOF-----------------