Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2015-01-13 14:34:57
Microsoft Windows 8.1
System drive C: has 617 GB (89%) free of 694 GB
Total RAM: 6036 MB (68% free)

HijackThis download failed

======Listing Processes======

wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 475190506368
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkManagerDMS.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
dashost.exe {1c192a50-4c44-43c2-94e3243e7c150006}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\diMaster.dll" /prefetch:1
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /service
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe" /c /a /s UserSession
"C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe" /autorun
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
taskhostex.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /HotCorners
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /auto
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe" /startup
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
"C:\Program Files (x86)\Citrix\Receiver\Receiver.exe" -autoupdate -startplugins
"C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
"C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_1.2.1.12_x64__yfg5n0ztvskxp\google-search.exe" -ServerName:App.AppXg6pfmg0p3b0tmgkcdg7at2v06vr6mdm0.mca
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe" -ServerName:DefaultBrowserServer
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:708 CREDAT:267777 /prefetch:1
"C:\Users\David\Favorites\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\ASC8_SkipUac_David.job - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForDavid.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDavid (null)
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
C:\WINDOWS\tasks\Uninstaller_SkipUac_David.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-27 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-05 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll [2014-07-31 654688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25 365056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-05 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{82E1477C-B154-48D3-9891-33D83C26BCD3}
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll [2014-07-31 654688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-06 7660760]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2013-07-24 597576]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-07 3053808]
"SoftEther VPN Client UI Helper"=C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [2014-09-04 4352568]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-06 1396592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-12-16 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=C:\WINDOWS\SysWOW64\rundll32.exe [2014-11-19 51200]
"uTorrent"=C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [2014-12-19 1385808]
"AdobeBridge"= []
"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2014-11-17 2425632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2013-10-01 395656]
"Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2013-10-01 153992]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
SoftEther VPN Client Manager Startup.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open -

======List of files/folders created in the last 1 month======

2015-01-13 14:34:57 ----D---- C:\rsit
2015-01-13 14:34:57 ----D---- C:\Program Files\trend micro
2015-01-12 21:06:45 ----ASH---- C:\pagefile.sys
2015-01-11 23:58:35 ----D---- C:\ProgramData\TopLang
2015-01-11 23:58:33 ----A---- C:\WINDOWS\system32\InetLock.dat
2015-01-11 23:58:32 ----D---- C:\Program Files\Internet Lock
2015-01-06 11:46:21 ----A---- C:\WINDOWS\system32\SRRPTR64.dll
2015-01-06 11:46:21 ----A---- C:\WINDOWS\system32\SRCOM64.dll
2015-01-06 11:46:21 ----A---- C:\WINDOWS\system32\SRCOM.dll
2015-01-06 11:46:21 ----A---- C:\WINDOWS\system32\SRAPO64.dll
2015-01-06 11:46:18 ----A---- C:\WINDOWS\system32\RtPgEx64.dll
2015-01-06 11:46:16 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys
2015-01-06 11:46:14 ----A---- C:\WINDOWS\system32\RtkApi64.dll
2015-01-06 11:46:13 ----A---- C:\WINDOWS\system32\RtDataProc64.dll
2015-01-06 11:46:13 ----A---- C:\WINDOWS\system32\RTCOM64.dll
2015-01-06 11:46:13 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2015-01-06 11:46:12 ----A---- C:\WINDOWS\system32\RltkAPO64.dll
2015-01-06 11:46:12 ----A---- C:\WINDOWS\system32\RCoRes64.dat
2015-01-06 11:46:12 ----A---- C:\WINDOWS\system32\RCoInstII64.dll
2015-01-06 11:45:58 ----A---- C:\WINDOWS\system32\CX64APO.dll
2015-01-06 11:45:56 ----A---- C:\WINDOWS\system32\AERTAC64.dll
2015-01-06 11:45:46 ----D---- C:\WINDOWS\LastGood.Tmp
2015-01-06 11:45:10 ----A---- C:\WINDOWS\system32\RtNicProp64.dll
2015-01-06 11:45:10 ----A---- C:\WINDOWS\system32\drivers\Rt630x64.sys
2014-12-30 15:02:25 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS

======List of files/folders modified in the last 1 month======

2015-01-13 14:34:57 ----RD---- C:\Program Files
2015-01-13 14:34:51 ----D---- C:\WINDOWS\Prefetch
2015-01-13 14:33:34 ----D---- C:\Program Files\SoftEther VPN Client
2015-01-13 14:13:09 ----D---- C:\WINDOWS\Temp
2015-01-13 14:00:09 ----D---- C:\WINDOWS\system32\sru
2015-01-13 13:59:54 ----D---- C:\WINDOWS\debug
2015-01-13 13:59:42 ----D---- C:\WINDOWS\Microsoft.NET
2015-01-13 13:51:44 ----D---- C:\WINDOWS\Tasks
2015-01-13 13:51:39 ----D---- C:\WINDOWS\system32\Tasks
2015-01-13 13:51:35 ----D---- C:\WINDOWS\system32\NDF
2015-01-13 13:33:14 ----RD---- C:\Program Files (x86)
2015-01-13 13:32:14 ----D---- C:\Program Files (x86)\IObit
2015-01-13 13:12:26 ----D---- C:\WINDOWS\system32\catroot2
2015-01-13 13:05:30 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-01-13 13:01:04 ----D---- C:\Windows
2015-01-13 12:11:48 ----SHD---- C:\System Volume Information
2015-01-12 22:04:25 ----D---- C:\Users\David\AppData\Roaming\IObit
2015-01-12 21:47:41 ----D---- C:\WINDOWS\Logs
2015-01-12 21:17:33 ----D---- C:\WINDOWS\SysWOW64
2015-01-12 21:07:06 ----D---- C:\WINDOWS\Minidump
2015-01-12 21:02:39 ----SHD---- C:\WINDOWS\Installer
2015-01-12 21:02:38 ----SHD---- C:\Config.Msi
2015-01-12 20:55:46 ----D---- C:\WINDOWS\AppReadiness
2015-01-12 20:54:58 ----HD---- C:\Program Files\WindowsApps
2015-01-12 20:50:44 ----D---- C:\Program Files (x86)\Google
2015-01-12 20:39:38 ----SD---- C:\ProgramData\Microsoft
2015-01-12 20:04:36 ----D---- C:\WINDOWS\system32\config
2015-01-12 00:39:17 ----D---- C:\WINDOWS\SoftwareDistribution
2015-01-11 23:58:35 ----HD---- C:\ProgramData
2015-01-11 23:58:33 ----RD---- C:\WINDOWS\System32
2015-01-11 17:35:49 ----D---- C:\ProgramData\Adobe
2015-01-11 13:30:40 ----A---- C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-09 23:56:39 ----D---- C:\WINDOWS\Inf
2015-01-08 22:15:41 ----D---- C:\Program Files (x86)\Adobe
2015-01-08 22:13:45 ----D---- C:\Program Files\Common Files\Adobe
2015-01-08 22:12:25 ----D---- C:\Program Files\Adobe
2015-01-08 22:09:18 ----D---- C:\Users\David\AppData\Roaming\Adobe
2015-01-08 15:53:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-06 23:00:49 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2015-01-06 18:32:16 ----D---- C:\ProgramData\ProductData
2015-01-06 11:48:03 ----D---- C:\WINDOWS\system32\catroot
2015-01-06 11:46:48 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2015-01-06 11:46:47 ----D---- C:\WINDOWS\system32\drivers
2015-01-06 11:46:38 ----D---- C:\WINDOWS\system32\DriverStore
2014-12-31 12:14:31 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2014-12-30 15:02:25 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-12-19 17:34:16 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-12-19 17:31:49 ----RSD---- C:\WINDOWS\Fonts
2014-12-19 17:27:28 ----D---- C:\WINDOWS\WinSxS
2014-12-18 20:45:14 ----D---- C:\Users\David\AppData\Roaming\newnext.me
2014-12-18 19:17:17 ----D---- C:\WINDOWS\CbsTemp
2014-12-16 18:47:52 ----D---- C:\Users\David\AppData\Roaming\ProductData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem8.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-22 644968]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [2013-09-27 162392]
R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2013-09-24 97768]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-30 26528]
R1 SeLow;@oem2.inf,%SeLow_DisplayName%;SoftEther Lightweight Network Protocol; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [2014-09-03 38112]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-06-10 71680]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R3 Accelerometer;@oem8.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 cpuz137;cpuz137; \??\C:\Users\David\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-11-05 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-01-06 4263128]
R3 IntcDAud;@oem60.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-11-05 454416]
R3 iwdbus;@oem38.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 MEIx64;@oem62.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-11-05 125952]
R3 Neo_VPN;@oem19.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [2014-09-03 28768]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RTL8168;@oem52.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2015-01-06 874712]
R3 RTWlanE;@oem59.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2014-11-05 3301592]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-11-19 31472]
R3 SynTP;@oem16.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-08-07 495856]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-19 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-06-10 38912]
S1 vflt;@oem53.inf,%Description%;Shrew Soft Lightweight Filter; C:\WINDOWS\system32\DRIVERS\vfilter.sys [2013-07-01 24064]
S3 dot4;@oem21.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem39.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem21.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 HTCAND64;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 intaud_WaveExtensible;@oem37.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 vnet;@oem58.inf,%Description%;Shrew Soft Virtual Adapter; C:\WINDOWS\system32\DRIVERS\virtualnet.sys [2013-07-01 17408]
S3 vpnva;@oem40.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2013-12-08 98208]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkManagerDMS.exe [2013-07-23 404360]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-19 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 hpsrv;@oem8.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-11-05 282096]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-14 131032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-14 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-14 279000]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [2014-07-31 130104]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-01-06 292568]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2013-07-24 605768]
R2 SEVPNCLIENT;SoftEther VPN Client; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [2014-09-04 4352568]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2014-06-06 72992]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-01-14 366040]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-11-05 1001376]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-04 2630432]
S2 SecureUpdateSvc;SecureUpdate; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-10-30 2473296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-16 267440]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-19 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-11-05 279024]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]

-----------------EOF-----------------