Logfile of random's system information tool 1.10 (written by random/random)
Run by Max at 2015-04-15 14:47:42
Microsoft Windows 8.1 Pro N
System drive C: has 4 GB (2%) free of 191 GB
Total RAM: 5588 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:50, on 15-4-2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Max.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1420366749&from=irs&uid=HitachiXHTS545050A7E380_TA9511GZKNK1SPKNK1SPX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1402683402&from=wpm0612&uid=HitachiXHTS545050A7E380_TA9511GZKNK1SPKNK1SPX&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_jIqpdJimLnWy595BC31IvNYBQB0dvOawHrGng4ORx-tC7ArZH7Pncwjmq6MryrptFWjyFUmCPGa_8TnH3sl1SepFZNtQuZZJ0IUUTFlvG0uhmM4st0HEhhKrLUBO0QoTb2cCMae1Js3w&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_jIqpdJimLnWy595BC31IvNYBQB0dvOawHrGng4ORx-tC7ArZH7Pncwjmq6MryrptFWjyFUmCPGa_8TnH3sl1SepFZNtQuZZJ0IUUTFlvG0uhmM4st0HEhhKrLUBO0QoTb2cCMae1Js3w&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gosearch.me/?u=6002a344e58627d808e19bd2a9f5531f&c=up1&src=hp&inst=1428417706
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1420366749&from=irs&uid=HitachiXHTS545050A7E380_TA9511GZKNK1SPKNK1SPX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1420366749&from=irs&uid=HitachiXHTS545050A7E380_TA9511GZKNK1SPKNK1SPX&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1420366749&from=irs&uid=HitachiXHTS545050A7E380_TA9511GZKNK1SPKNK1SPX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_jIqpdJimLnWy595BC31IvNYBQB0dvOawHrGng4ORx-tC7ArZH7Pncwjmq6MryrptFWjyFUmCPGa_8TnH3sl1SepFZNtQuZZJ0IUUTFlvG0uhmM4st0HEhhKrLUBO0QoTb2cCMae1Js3w&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_jIqpdJimLnWy595BC31IvNYBQB0dvOawHrGng4ORx-tC7ArZH7Pncwjmq6MryrptFWjyFUmCPGa_8TnH3sl1SepFZNtQuZZJ0IUUTFlvG0uhmM4st0HEhhKrLUBO0QoTb2cCMae1Js3w&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: DDiscoouunTaLuocatiOrr - {10ab231a-91a4-4a84-85d9-a0bde07565c7} - C:\ProgramData\DDiscoouunTaLuocatiOrr\EFh8MkKMepSED5.dll (file missing)
O2 - BHO: CrossriderApp0059599 - {11111111-1111-1111-1111-110511951199} - C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll (file missing)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: webssaVer - {929eedbe-8f9f-4c51-b9dd-48adc72de1d4} - C:\Program Files\webssaVer\7q6DaPh51PQsG9.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: SecureWebBHO - {D3C24E2B-C820-4492-9B69-11BF7163F998} - C:\Program Files (x86)\Jelbrus Secure Web\jsie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: FineDeaeLLSofto - {e20caaf1-02ad-41e2-aaf7-606054af9e39} - C:\ProgramData\FineDeaeLLSofto\MJyALfz992yUCL.dll (file missing)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BlockAndSurf] C:\Program Files (x86)\di8BlockAndSurf\BlockAndSurf.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [Copy] "C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Max\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SpeedTray] C:\Users\Max\AppData\Roaming\SpeedTray\speedtray.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14731 bytes

======Listing Processes======

wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\diMaster.dll" /prefetch:1
dashost.exe {d4770c5a-c0db-4b8c-9fc7f6cc0c94b9f3}
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe" --service
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\WinLogon.exe -SpecialSession -hiberboot
atieclxx
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe" /c /a /s UserSession
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe" /c /a /s UserSession
taskeng.exe {3E86BCC9-AB54-4B04-AF8F-DEA40E38B0D9}
taskhostex.exe
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe"
taskeng.exe {88C2936E-DFE6-4C67-85AB-C164AD24C0B6}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory=Default
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4496.0.87196564\952219665" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x9903 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.9001.1001 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4496 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4496.2.1760181446\1648268444" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4496 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4496.5.90594797\2124801776" /prefetch:673131151
taskhost.exe $(Arg0)
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Max\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SaveSense.job - C:\Users\Max\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE /Check

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10ab231a-91a4-4a84-85d9-a0bde07565c7}]
DDiscoouunTaLuocatiOrr - C:\ProgramData\DDiscoouunTaLuocatiOrr\EFh8MkKMepSED5.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199}]
video MediaPlay-Air - C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll [2014-07-24 790040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f2a23e3-fd25-4e44-bd78-e24c871801b8}]
lEsS2pay - C:\Program Files\lEsS2pay\iJ5V4wvqnboGM1.x64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7658cac4-85c4-452b-84d4-ff3be38ba64b}] PriCCeDOwNloaader - C:\ProgramData\PriCCeDOwNloaader\Iw6VWnzPqJR41S.x64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7a2ea63a-d6e6-4e0f-81d1-1da7e787a72d}] dowanloadItkeeep - C:\ProgramData\dowanloadItkeeep\jQNZFWLhsum68V.x64.dll [2015-01-19 701952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{929eedbe-8f9f-4c51-b9dd-48adc72de1d4}] webssaVer - C:\Program Files\webssaVer\7q6DaPh51PQsG9.x64.dll [2015-02-02 708096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}] Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05 931640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 2334928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e20caaf1-02ad-41e2-aaf7-606054af9e39}] FineDeaeLLSofto - C:\ProgramData\FineDeaeLLSofto\MJyALfz992yUCL.x64.dll [2015-01-08 701952] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10ab231a-91a4-4a84-85d9-a0bde07565c7}] DDiscoouunTaLuocatiOrr - C:\ProgramData\DDiscoouunTaLuocatiOrr\EFh8MkKMepSED5.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199}] video MediaPlay-Air - C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05 392344] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{929eedbe-8f9f-4c51-b9dd-48adc72de1d4}] webssaVer - C:\Program Files\webssaVer\7q6DaPh51PQsG9.dll [2015-02-02 564736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}] Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 1729744] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3C24E2B-C820-4492-9B69-11BF7163F998}] SecureWebBHO Class - C:\Program Files (x86)\Jelbrus Secure Web\jsie.dll [2015-02-17 119808] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{e20caaf1-02ad-41e2-aaf7-606054af9e39}] FineDeaeLLSofto - C:\ProgramData\FineDeaeLLSofto\MJyALfz992yUCL.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05 931640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2014-09-16 11877656] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728] "Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-07 169768] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Copy"=C:\Users\Max\AppData\Roaming\Copy\CopyAgent.exe [2015-01-23 15435920] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background [] "uTorrent"=C:\Users\Max\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-10 1385808] "ChicaPasswordManager"=C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe /autorunned [] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144] "SpeedTray"=C:\Users\Max\AppData\Roaming\SpeedTray\speedtray.exe [2014-12-30 725518] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-11-21 43816] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet 
Services\ApplePhotoStreams.exe [2014-11-21 43816] "iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-11-21 43816] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896] "BlockAndSurf"=C:\Program Files (x86)\di8BlockAndSurf\BlockAndSurf.exe [] "fst_nl_72"= [] "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~3\WinSpeed\WINSPE~1.DLL" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 "DisableRegedit"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 "DisableRegedit"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 "NoActiveDesktopChanges"=0 "NoSetActiveDesktop"=0 "NoDesktop"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktopChanges"=0 "NoSetActiveDesktop"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "VIDC.YUY2"=msyuv.dll "vidc.i420"=lvcod64.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv 
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-15 14:47:43 ----D---- C:\Program Files\trend micro
2015-04-15 14:47:42 ----D---- C:\rsit
2015-04-13 20:05:08 ----D---- C:\Program Files (x86)\ASUS
2015-04-13 14:34:30 ----D---- C:\Program Files\iPod
2015-04-13 14:34:30 ----D---- C:\Program Files (x86)\iTunes
2015-04-13 14:34:29 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-13 14:34:29 ----D---- C:\Program Files\iTunes
2015-04-10 18:21:00 ----A---- C:\Windows\system32\wmp.dll
2015-04-10 18:20:59 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-04-10 18:20:58 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-04-10 18:20:57 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-04-10 18:20:55 ----A---- C:\Windows\SYSWOW64\mfsrcsnk.dll
2015-04-10 18:20:54 ----A---- C:\Windows\system32\mfsrcsnk.dll
2015-04-10 18:20:54 ----A---- C:\Windows\system32\mfnetsrc.dll
2015-04-10 18:20:54 ----A---- C:\Windows\system32\mfnetcore.dll
2015-04-10 18:20:54 ----A---- C:\Windows\system32\mfasfsrcsnk.dll
2015-04-10 18:20:53 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2015-04-10 18:20:53 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2015-04-10 18:20:53 ----A---- C:\Windows\SYSWOW64\mfasfsrcsnk.dll
2015-04-10 18:20:52 ----A---- C:\Windows\system32\WebcamUi.dll
2015-04-10 18:20:51 ----A---- C:\Windows\SYSWOW64\WebcamUi.dll
2015-04-10 18:20:50 ----A---- C:\Windows\SYSWOW64\mfds.dll
2015-04-10 18:20:50 ----A---- C:\Windows\system32\mfds.dll
2015-04-10 18:20:49 ----A---- C:\Windows\system32\WMPDMC.exe
2015-04-10 18:20:48 ----A---- C:\Windows\SYSWOW64\msvproc.dll
2015-04-10 18:20:48 ----A---- C:\Windows\system32\msvproc.dll
2015-04-10 18:20:47 ----A---- C:\Windows\SYSWOW64\WMPDMC.exe
2015-04-10 18:20:46 ----A---- C:\Windows\system32\wmpdxm.dll
2015-04-10 18:20:46 ----A---- C:\Windows\system32\Windows.Media.Renewal.dll
2015-04-10 18:20:45 ----A---- C:\Windows\system32\dxmasf.dll
2015-04-10 15:17:32 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2015-04-10 15:17:32 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2015-04-10 15:17:32 ----A---- C:\Windows\system32\WMVDECOD.DLL
2015-04-10 15:17:32 ----A---- C:\Windows\system32\mfcore.dll
2015-04-10 15:17:31 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2015-04-10 15:17:31 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-04-10 15:17:31 ----A---- C:\Windows\system32\Windows.Media.dll
2015-04-10 15:17:31 ----A---- C:\Windows\system32\mfplat.dll
2015-04-10 15:17:30 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2015-04-10 15:17:30 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2015-04-10 15:17:30 ----A---- C:\Windows\system32\wpdbusenum.dll
2015-04-10 15:17:30 ----A---- C:\Windows\system32\mftranscode.dll
2015-04-10 15:17:30 ----A---- C:\Windows\system32\mfreadwrite.dll
2015-04-10 15:17:30 ----A---- C:\Windows\system32\mfps.dll
2015-04-10 14:39:52 ----A---- C:\Windows\system32\mf.dll
2015-04-10 14:39:51 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2015-04-10 14:39:51 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-04-10 14:39:51 ----A---- C:\Windows\system32\winmde.dll
2015-04-10 14:39:51 ----A---- C:\Windows\system32\mfsvr.dll
2015-04-10 14:39:51 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2015-04-10 14:39:50 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2015-04-10 14:39:50 ----A---- C:\Windows\system32\wmpmde.dll
2015-04-10 14:39:50 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2015-04-10 14:39:49 ----A---- C:\Windows\SYSWOW64\winmde.dll
2015-04-10 14:39:49 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2015-04-10 14:39:49 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2015-04-10 14:39:49 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2015-04-10 14:39:48 ----A---- C:\Windows\SYSWOW64\MSVideoDSP.dll
2015-04-10 14:39:48 ----A---- C:\Windows\system32\MSVideoDSP.dll
2015-04-10 14:39:48 ----A---- C:\Windows\system32\mfpmp.exe
2015-04-10 14:39:48 ----A---- C:\Windows\system32\MDEServer.exe
2015-04-10 14:36:58 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2015-04-10 14:36:58 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2015-04-10 14:36:58 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2015-04-10 14:36:58 ----A---- C:\Windows\system32\MFMediaEngine.dll
2015-04-08 15:47:30 ----D---- C:\Program Files\Windows Portable Devices
2015-04-08 15:47:30 ----D---- C:\Program Files\Windows Multimedia Platform
2015-04-08 15:47:27 ----D---- C:\Program Files\Windows Media Player
2015-04-08 15:47:27 ----D---- C:\Program Files (x86)\Windows Portable Devices
2015-04-08 15:47:27 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2015-04-08 15:47:24 ----D---- C:\Program Files (x86)\Windows Media Player
2015-04-08 15:47:22 ----D---- C:\Windows\SYSWOW64\LogFiles
2015-04-08 15:43:29 ----A---- C:\Windows\SYSWOW64\WmpDui.dll
2015-04-08 15:43:29 ----A---- C:\Windows\system32\WmpDui.dll
2015-04-08 15:43:29 ----A---- C:\Windows\system32\mswmdm.dll
2015-04-08 15:43:28 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2015-04-08 15:43:28 ----A---- C:\Windows\SYSWOW64\mswmdm.dll
2015-04-08 15:43:28 ----A---- C:\Windows\system32\WMASF.DLL
2015-04-08 15:43:23 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2015-04-08 15:43:23 ----A---- C:\Windows\system32\wmcodecdspps.dll
2015-04-08 15:43:23 ----A---- C:\Windows\system32\rrinstaller.exe
2015-04-08 15:43:22 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2015-04-08 15:43:21 ----A---- C:\Windows\SYSWOW64\WPDShextAutoplay.exe
2015-04-08 15:43:21 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-04-08 15:43:21 ----A---- C:\Windows\SYSWOW64\mfdvdec.dll
2015-04-08 15:43:21 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2015-04-08 15:43:21 ----A---- C:\Windows\system32\mfdvdec.dll
2015-04-08 15:43:20 ----A---- C:\Windows\SYSWOW64\wmcodecdspps.dll
2015-04-08 15:43:20 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2015-04-08 15:43:19 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-04-08 15:43:15 ----A---- C:\Windows\system32\spwmp.dll
2015-04-08 15:43:14 ----A---- C:\Windows\SYSWOW64\wmerror.dll
2015-04-08 15:43:14 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-04-08 15:43:14 ----A---- C:\Windows\SYSWOW64\asferror.dll
2015-04-08 15:43:14 ----A---- C:\Windows\system32\wmerror.dll
2015-04-08 15:43:14 ----A---- C:\Windows\system32\mferror.dll
2015-04-08 15:43:14 ----A---- C:\Windows\system32\asferror.dll
2015-04-08 15:43:13 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2015-04-08 15:43:13 ----A---- C:\Windows\SYSWOW64\PortableDeviceConnectApi.dll
2015-04-08 15:43:13 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2015-04-08 15:43:13 ----A---- C:\Windows\system32\mfh264enc.dll
2015-04-08 15:43:11 ----A---- C:\Windows\SYSWOW64\wmdmlog.dll
2015-04-08 15:43:11 ----A---- C:\Windows\system32\wmdmlog.dll
2015-04-08 15:43:11 ----A---- C:\Windows\system32\msnetobj.dll
2015-04-08 15:43:09 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2015-04-08 15:43:09 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2015-04-08 15:43:09 ----A---- C:\Windows\system32\mfvdsp.dll
2015-04-08 15:43:09 ----A---- C:\Windows\system32\COLORCNV.DLL
2015-04-08 15:43:08 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2015-04-08 15:43:08 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2015-04-08 15:43:07 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2015-04-08 15:43:07 ----A---- C:\Windows\system32\MFPlay.dll
2015-04-08 15:43:05 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2015-04-08 15:43:05 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-04-08 15:43:05 ----A---- C:\Windows\system32\wmpshell.dll
2015-04-08 15:43:05 ----A---- C:\Windows\system32\CameraSettingsUIHost.exe
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\wmdmps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.ps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\LAPRXY.DLL
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-04-08 15:43:04 ----A---- C:\Windows\SYSWOW64\CameraSettingsUIHost.exe
2015-04-08 15:43:04 ----A---- C:\Windows\system32\wmpps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\system32\wmdmps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\system32\Windows.Media.Streaming.ps.dll
2015-04-08 15:43:04 ----A---- C:\Windows\system32\LAPRXY.DLL
2015-04-08 15:43:03 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2015-04-08 15:43:03 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2015-04-08 15:43:03 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2015-04-08 15:43:03 ----A---- C:\Windows\system32\mfmjpegdec.dll
2015-04-08 15:43:02 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2015-04-08 15:43:02 ----A---- C:\Windows\SYSWOW64\mfAACEnc.dll
2015-04-08 15:43:02 ----A---- C:\Windows\system32\MP4SDECD.DLL
2015-04-08 15:43:02 ----A---- C:\Windows\system32\mfAACEnc.dll
2015-04-08 15:43:00 ----A---- C:\Windows\system32\DMRServer.exe
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\wmvdspa.dll
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2015-04-08 15:42:59 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\system32\WMVXENCD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\system32\WMVSENCD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\system32\wmvdspa.dll
2015-04-08 15:42:59 ----A---- C:\Windows\system32\VIDRESZR.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\system32\MPG4DECD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\system32\MP43DECD.DLL
2015-04-08 15:42:59 ----A---- C:\Windows\system32\MP3DMOD.DLL
2015-04-08 15:42:58 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2015-04-08 15:42:58 ----A---- C:\Windows\SYSWOW64\unregmp2.exe
2015-04-08 15:42:58 ----A---- C:\Windows\SYSWOW64\PortableDeviceWiaCompat.dll
2015-04-08 15:42:58 ----A---- C:\Windows\SYSWOW64\dlnashext.dll
2015-04-08 15:42:58 ----A---- C:\Windows\system32\wmdrmnet.dll
2015-04-08 15:42:58 ----A---- C:\Windows\system32\unregmp2.exe
2015-04-08 15:42:58 ----A---- C:\Windows\system32\logagent.exe
2015-04-08 15:42:58 ----A---- C:\Windows\system32\evr.dll
2015-04-08 15:42:58 ----A---- C:\Windows\system32\dlnashext.dll
2015-04-08 15:42:58 ----A---- C:\Windows\system32\cewmdm.dll
2015-04-08 15:42:57 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2015-04-08 15:42:57 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-04-08 15:42:57 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2015-04-08 15:42:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2015-04-08 15:42:57 ----A---- C:\Windows\system32\wmidx.dll
2015-04-08 15:42:57 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2015-04-08 15:42:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\PortableDeviceWMDRM.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-04-08 15:42:55 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-04-08 15:42:54 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2015-04-08 15:42:54 ----A---- C:\Windows\SYSWOW64\wmidx.dll
2015-04-08 15:42:54 ----A---- C:\Windows\SYSWOW64\logagent.exe
2015-04-08 15:42:54 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2015-04-08 15:42:54 ----A---- C:\Windows\system32\drivers\WpdUpFltr.sys
2015-04-08 15:42:53 ----A---- C:\Windows\SYSWOW64\PortableDeviceClassExtension.dll
2015-04-08 15:42:52 ----A---- C:\Windows\SYSWOW64\PortableDeviceTypes.dll
2015-04-08 15:42:52 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\WPDSp.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\WMVSDECD.DLL
2015-04-08 15:42:52 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\wmdrmdev.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\msscp.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\drmv2clt.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-04-08 15:42:52 ----A---- C:\Windows\system32\blackbox.dll
2015-04-08 15:42:51 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-04-08 15:42:51 ----A---- C:\Windows\system32\wpdshext.dll
2015-04-08 15:42:51 ----A---- C:\Windows\system32\wpd_ci.dll
2015-04-08 15:42:51 ----A---- C:\Windows\system32\WMVENCOD.DLL
2015-04-08 15:42:50 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-04-08 15:42:50 ----A---- C:\Windows\system32\WMVCORE.DLL
2015-04-08 15:42:50 ----A---- C:\Windows\system32\wmploc.DLL
2015-04-08 15:42:44 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2015-04-08 15:42:44 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2015-04-08 15:42:44 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2015-04-08 15:42:44 ----A---- C:\Windows\system32\MSAudDecMFT.dll
2015-04-08 15:42:43 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2015-04-08 15:42:43 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2015-04-08 15:42:43 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2015-04-08 15:42:43 ----A---- C:\Windows\SYSWOW64\MSAudDecMFT.dll
2015-04-08 15:42:43 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2015-04-08 15:42:43 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2015-04-08 15:42:43 ----A---- C:\Windows\system32\wmpeffects.dll
2015-04-08 15:42:43 ----A---- C:\Windows\system32\WMADMOE.DLL
2015-04-08 15:42:43 ----A---- C:\Windows\system32\WMADMOD.DLL
2015-04-08 15:42:43 ----A---- C:\Windows\system32\msmpeg2adec.dll
2015-04-08 15:28:14 ----D---- C:\Program Files (x86)\Audio Service
2015-04-07 18:23:09 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-07 18:23:08 ----SD---- C:\Windows\system32\GWX
2015-03-27 14:56:47 ----A---- C:\Windows\system32\invagent.dll
2015-03-27 14:56:47 ----A---- C:\Windows\system32\generaltel.dll
2015-03-27 14:56:47 ----A---- C:\Windows\system32\devinv.dll
2015-03-27 14:56:47 ----A---- C:\Windows\system32\appraiser.dll
2015-03-27 14:56:47 ----A---- C:\Windows\system32\aeinv.dll
2015-03-27 14:56:47 ----A---- C:\Windows\system32\acmigration.dll
2015-03-27 14:56:46 ----A---- C:\Windows\system32\aepdu.dll

======List of files/folders modified in the last 1 month======

2015-04-15 14:47:46 ----D---- C:\Windows\Prefetch
2015-04-15 14:47:43 ----RD---- C:\Program Files
2015-04-15 14:46:53 ----D---- C:\Users\Max\AppData\Roaming\ClassicShell
2015-04-15 14:45:27 ----D---- C:\Users\Max\AppData\Roaming\Skype
2015-04-15 14:43:38 ----D---- C:\Windows\Temp
2015-04-15 14:43:31 ----D---- C:\Users\Max\AppData\Roaming\Copy
2015-04-15 14:43:00 ----D---- C:\Windows\system32\sru
2015-04-13 20:20:09 ----D---- C:\Windows\system32\config
2015-04-13 20:14:15 ----RD---- C:\Windows\System32
2015-04-13 20:14:15 ----D---- C:\Windows\Inf
2015-04-13 20:14:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-13 20:05:14 ----SHD---- C:\Windows\Installer
2015-04-13 20:05:14 ----SHD---- C:\Config.Msi
2015-04-13 20:05:08 ----RD---- C:\Program Files (x86)
2015-04-13 20:00:41 ----SHD---- C:\System Volume Information
2015-04-13 15:52:14 ----D---- C:\Windows\WinSxS
2015-04-13 15:28:54 ----D---- C:\Windows\system32\catroot2
2015-04-13 15:16:42 ----D---- C:\Windows\Microsoft.NET
2015-04-13 14:44:19 ----D---- C:\Windows\CbsTemp
2015-04-13 14:35:05 ----D---- C:\Windows\SysWOW64
2015-04-13 14:34:29 ----HD---- C:\ProgramData
2015-04-13 14:34:29 ----D---- C:\Program Files\Common Files\Apple
2015-04-10 21:30:49 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-04-10 21:30:49 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-10 21:30:48 ----D---- C:\Windows\system32\nl-NL
2015-04-10 21:30:48 ----D---- C:\Windows\system32\en-US
2015-04-10 21:19:43 ----D---- C:\Users\Max\AppData\Roaming\FileZilla
2015-04-10 21:19:26 ----D---- C:\Users\Max\AppData\Roaming\.minecraft
2015-04-10 15:04:33 ----D---- C:\Program Files (x86)\Steam
2015-04-10 14:29:33 ----D---- C:\ProgramData\Skype
2015-04-08 16:02:44 ----D---- C:\Windows\AppReadiness
2015-04-08 16:02:43 ----HD---- C:\Program Files\WindowsApps
2015-04-08 15:52:53 ----D---- C:\Windows\system32\Tasks
2015-04-08 15:47:24 ----D---- C:\Windows\SYSWOW64\wbem
2015-04-08 15:47:08 ----D---- C:\Windows\PolicyDefinitions
2015-04-08 15:47:07 ----D---- C:\Windows\system32\drivers\en-US
2015-04-08 15:47:07 ----D---- C:\Windows\system32\drivers
2015-04-08 15:47:04 ----D---- C:\Windows\system32\wbem
2015-04-08 15:46:54 ----D---- C:\Windows
2015-04-08 15:46:53 ----SD---- C:\ProgramData\Microsoft
2015-04-08 15:46:48 ----D---- C:\Windows\system32\DriverStore
2015-04-08 15:41:38 ----D---- C:\Windows\SoftwareDistribution
2015-04-07 19:27:06 ----D---- C:\Users\Max\AppData\Roaming\OBS
2015-04-07 18:25:33 ----D---- C:\Windows\Logs
2015-04-07 17:35:06 ----D---- C:\Program Files\OBS
2015-04-07 17:35:06 ----D---- C:\Program Files (x86)\OBS
2015-04-07 16:46:15 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2015-03-31 16:26:20 ----HD---- C:\Windows\ELAMBKUP
2015-03-30 20:39:30 ----D---- C:\Windows\rescache
2015-03-29 19:53:55 ----D---- C:\Windows\system32\catroot
2015-03-29 19:51:33 ----SD---- C:\Windows\system32\CompatTel
2015-03-29 19:51:31 ----D---- C:\Windows\system32\appraiser
2015-03-29 19:51:25 ----D---- C:\Windows\apppatch
2015-03-29 19:49:12 ----D---- C:\Windows\system32\drivers\NSTx64
2015-03-27 14:44:21 ----D---- C:\Windows\system32\drivers\NAVx64
2015-03-25 20:08:19 ----D---- C:\Program Files (x86)\Jelbrus Secure Web

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2013-12-13 36096]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1507000.00B\SYMDS64.SYS [2014-08-26 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1507000.00B\SYMEFA64.SYS [2014-08-26 1148120]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [2015-02-03 1622744]
R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAVx64\1507000.00B\ccSetx64.sys [2014-02-21 162392]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [2013-09-27 162392]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-11-25 487216]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\IPSDefs\20150323.001\IDSvia64.sys [2015-02-07 669400]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1507000.00B\SRTSPX64.SYS [2014-08-26 37592]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1507000.00B\Ironx64.SYS [2014-08-06 266968]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SYMNETS.SYS [2014-08-26 593112]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 Apowersoft_AudioDevice;@oem11.inf,%DriverFile%;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-03-25 31920]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-25 142640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 LGBusEnum;@oem36.inf,%LGBusEnum.SVCDESC%;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LVRS64;@oem14.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem13.inf,%PID_081B_DD%(UVC);Logitech HD Webcam C310(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2015-01-04 177752]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 SymELAM;Symantec ELAM Driver; C:\Windows\system32\drivers\NAVx64\1507000.00B\SymELAM.sys [2014-08-26 23568]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 AtiDCM;AtiDCM; \??\C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [2014-03-13 28416]
S3 dg_ssudbus;@oem5.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 LGVirHid;@oem37.inf,%LGVirHid.SVCDESC%;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150324.034\ENG64.SYS [2015-01-20 129752]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150324.034\EX64.SYS [2015-01-20 2137304]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SRTSP64.SYS [2014-08-26 876248]
S3 ssudmdm;@oem6.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;@oem10.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 USBAAPL64;@oem41.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-07-21 239616]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-20 77128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-10-05 110976]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [2015-03-07 262928]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 PrivoxyService;Privoxy (PrivoxyService); C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe [2015-02-17 371200]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09 267440]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-07 643880]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-07 1900400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-09 836288]

-----------------EOF-----------------