Logfile of random's system information tool 1.10 (written by random/random)
Run by Dolly at 2015-02-08 17:08:53
Microsoft Windows 8.1
System drive C: has 837 GB (94%) free of 889 GB
Total RAM: 3977 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:08:59, on 8-2-2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files\WindowsApps\TVGiDS.tv.TVGiDS.tv_1.0.0.3_neutral__6eqr4dc9dj61y\TVGiDS.exe
C:\Program Files\trend micro\Dolly.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Dropbox.lnk = Dolly\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-- End of file - 7193 bytes

======Listing Processes======

wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {345f4651-87a2-4317-82abb5e7b3e7864d}
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\System32\WinLogon.exe -SpecialSession -hiberboot
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe" Service
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe" /HotCorners
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
C:\WINDOWS\WinStore\WSHost.exe -Embedding
"C:\Program Files\WindowsApps\TVGiDS.tv.TVGiDS.tv_1.0.0.3_neutral__6eqr4dc9dj61y\TVGiDS.exe" -ServerName:App.AppXg7dz3tawp7zhwrg8mpre3q9j9w82m876.mca
"C:\Users\Dolly\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\ASC8_SkipUac_Dolly.job - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Uninstaller_SkipUac_Dolly.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-02-07 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-30 1387376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mbot_nl_96"= []
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-01-27 5768480]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Dolly\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-06 09:28:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-02-01 09:02:33 ----D---- C:\Program Files\McAfee Security Scan
2015-01-31 21:36:45 ----D---- C:\ProgramData\McAfee Security Scan
2015-01-31 21:36:45 ----D---- C:\ProgramData\McAfee
2015-01-31 21:36:00 ----D---- C:\ProgramData\Adobe
2015-01-31 20:11:12 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2015-01-31 20:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2015-01-31 20:08:32 ----A---- C:\WINDOWS\system32\shell32.dll
2015-01-31 20:08:31 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-31 20:08:30 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2015-01-31 20:08:29 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-01-31 20:08:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-01-31 20:08:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-01-31 20:08:27 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-01-31 20:08:27 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-01-31 20:08:27 ----A---- C:\WINDOWS\system32\msctf.dll
2015-01-31 20:08:27 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-01-31 20:08:27 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2015-01-31 20:08:26 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2015-01-31 20:08:26 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-01-31 20:08:26 ----AC---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-01-31 20:08:26 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-01-31 20:08:26 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\SYSWOW64\QSVRMGMT.DLL
2015-01-31 20:08:26 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\WSDApi.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\WinSCard.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\vpnike.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\untfs.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\spoolsv.exe
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2015-01-31 20:08:26 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2015-01-31 20:08:25 ----AC---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-01-31 20:08:25 ----AC---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-01-31 20:08:25 ----AC---- C:\WINDOWS\system32\drivers\intelpep.sys
2015-01-31 20:08:25 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-01-31 20:08:25 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\WSDMon.dll
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\BFE.DLL
2015-01-31 20:08:25 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-31 20:08:24 ----AC---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-01-31 20:08:24 ----AC---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-01-31 20:08:24 ----AC---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-01-31 20:08:24 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\SYSWOW64\QSHVHOST.DLL
2015-01-31 20:08:24 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\rasapi32.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\nshwfp.dll
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2015-01-31 20:08:24 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\vsstrace.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\rasser.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\rasdiag.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2015-01-31 20:08:23 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\wow64.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\VSSVC.exe
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\vsstrace.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\vssapi.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\rasser.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\rasmxs.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\rasdiag.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-31 20:08:23 ----A---- C:\WINDOWS\system32\dnsapi.dll
2015-01-31 20:08:23 ----A---- C:\WINDOWS\splwow64.exe
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\wow32.dll
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\rasmxs.dll
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\instnm.exe
2015-01-31 20:08:22 ----A---- C:\WINDOWS\SYSWOW64\eventcls.dll
2015-01-31 20:08:22 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-01-31 20:08:22 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-01-31 20:08:22 ----A---- C:\WINDOWS\system32\ntvdm64.dll
2015-01-31 20:08:22 ----A---- C:\WINDOWS\system32\eventcls.dll
2015-01-31 20:08:07 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2015-01-31 20:08:07 ----A---- C:\WINDOWS\system32\winbici.dll
2015-01-31 20:08:07 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2015-01-31 20:08:07 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2015-01-31 20:07:22 ----A---- C:\WINDOWS\system32\wups.dll
2015-01-31 20:07:22 ----A---- C:\WINDOWS\system32\wuaext.dll
2015-01-31 20:07:21 ----A---- C:\WINDOWS\system32\wups2.dll
2015-01-31 20:07:19 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-01-14 17:07:55 ----A---- C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 17:07:55 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-01-14 17:07:55 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2015-01-14 17:07:55 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-01-14 17:07:54 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2015-01-14 17:07:54 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\wer.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\Faultrep.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\EncDump.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\ci.dll
2015-01-14 17:07:54 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-09 17:05:03 ----A---- C:\WINDOWS\system32\RtNicProp64.dll
2015-01-09 17:05:03 ----A---- C:\WINDOWS\system32\drivers\Rt630x64.sys
2015-01-09 17:04:51 ----A---- C:\WINDOWS\system32\drivers\RtsUStor.sys
2015-01-09 17:03:58 ----A---- C:\WINDOWS\system32\drivers\btmhsf.sys
2015-01-09 17:03:47 ----A---- C:\WINDOWS\system32\drivers\TeeDriverx64.sys
2015-01-09 17:00:22 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS

======List of files/folders modified in the last 1 month======

2015-02-08 17:08:57 ----D---- C:\Program Files\trend micro
2015-02-08 17:00:00 ----D---- C:\WINDOWS\system32\sru
2015-02-08 16:52:00 ----D---- C:\WINDOWS\Temp
2015-02-08 16:50:39 ----D---- C:\WINDOWS\Microsoft.NET
2015-02-08 16:50:12 ----D---- C:\WINDOWS\Prefetch
2015-02-08 15:30:06 ----D---- C:\WINDOWS\debug
2015-02-08 14:52:18 ----D---- C:\Users\Dolly\AppData\Roaming\Skype
2015-02-08 14:49:53 ----D---- C:\WINDOWS\system32\catroot2
2015-02-08 14:49:52 ----D---- C:\Windows
2015-02-08 09:23:48 ----D---- C:\WINDOWS\system32\config
2015-02-07 17:53:29 ----D---- C:\Users\Dolly\AppData\Roaming\Dropbox
2015-02-07 09:44:35 ----D---- C:\WINDOWS\Tasks
2015-02-07 09:44:35 ----D---- C:\WINDOWS\system32\Tasks
2015-02-07 09:04:31 ----D---- C:\WINDOWS\AppReadiness
2015-02-07 09:04:30 ----HD---- C:\Program Files\WindowsApps
2015-02-06 22:58:03 ----SHD---- C:\WINDOWS\Installer
2015-02-06 22:58:03 ----SHD---- C:\Config.Msi
2015-02-06 22:53:43 ----RD---- C:\Program Files (x86)
2015-02-06 16:59:39 ----D---- C:\WINDOWS\SoftwareDistribution
2015-02-06 09:28:56 ----D---- C:\WINDOWS\CbsTemp
2015-02-06 09:28:54 ----D---- C:\WINDOWS\WinSxS
2015-02-06 09:28:54 ----D---- C:\WINDOWS\SysWOW64
2015-02-06 09:26:47 ----SHD---- C:\System Volume Information
2015-02-04 18:44:51 ----D---- C:\WINDOWS\Inf
2015-02-04 08:35:33 ----D---- C:\ProgramData\ProductData
2015-02-04 08:35:22 ----D---- C:\WINDOWS\system32\DriverStore
2015-02-01 16:01:57 ----D---- C:\WINDOWS\rescache
2015-02-01 09:02:33 ----RD---- C:\Program Files
2015-01-31 21:46:26 ----D---- C:\Users\Dolly\AppData\Roaming\Adobe
2015-01-31 21:36:45 ----HD---- C:\ProgramData
2015-01-31 21:36:14 ----D---- C:\Program Files (x86)\Common Files
2015-01-31 21:36:14 ----D---- C:\Program Files (x86)\Adobe
2015-01-31 20:45:12 ----RD---- C:\WINDOWS\assembly
2015-01-31 20:16:53 ----RD---- C:\WINDOWS\ToastData
2015-01-31 20:16:51 ----D---- C:\WINDOWS\SYSWOW64\setup
2015-01-31 20:16:49 ----RD---- C:\WINDOWS\System32
2015-01-31 20:16:49 ----D---- C:\WINDOWS\system32\setup
2015-01-31 20:16:49 ----D---- C:\WINDOWS\system32\nl-NL
2015-01-31 20:16:49 ----D---- C:\WINDOWS\system32\drivers
2015-01-31 20:16:47 ----D---- C:\WINDOWS\apppatch
2015-01-31 20:16:41 ----D---- C:\WINDOWS\MediaViewer
2015-01-31 20:16:41 ----D---- C:\WINDOWS\Camera
2015-01-31 20:16:40 ----D---- C:\WINDOWS\FileManager
2015-01-31 09:06:28 ----D---- C:\WINDOWS\system32\wdi
2015-01-28 08:47:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-26 08:33:19 ----D---- C:\WINDOWS\system32\LogFiles
2015-01-15 17:24:57 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-01-14 23:10:38 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-01-14 17:26:09 ----D---- C:\WINDOWS\system32\MRT
2015-01-14 17:23:30 ----A---- C:\WINDOWS\system32\MRT.exe
2015-01-10 07:55:23 ----D---- C:\WINDOWS\Logs
2015-01-09 17:07:16 ----D---- C:\Users\Dolly\AppData\Roaming\IObit
2015-01-09 17:05:25 ----D---- C:\WINDOWS\system32\catroot
2015-01-09 17:00:22 ----D---- C:\WINDOWS\SYSWOW64\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-09-24 157016]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-09 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2015-01-04 71680]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-01-04 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-01-04 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2015-01-09 1424184]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2014-12-20 69088]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-12-20 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-06-30 3962840]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 MEIx64;@oem34.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2015-01-09 125952]
R3 NETwNe64;@oem21.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 8 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [2014-09-25 3351520]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2014-09-24 167424]
R3 RSUSBSTOR;@oem36.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2015-01-09 272600]
R3 RTL8168;@oem37.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2015-01-09 874712]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-11-13 31472]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-01-04 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2015-01-04 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-01-04 1198080]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-12-20 318568]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2015-01-05 1056544]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-01-04 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-12-20 280680]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-11-18 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]

-----------------EOF-----------------