Logfile of random's system information tool 1.10 (written by random/random)
Run by vincent at 2015-11-28 18:56:23
Microsoft Windows 8 Pro
System drive C: has 47 GB (44%) free of 108 GB
Total RAM: 12218 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:30, on 28-11-2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17054)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\vincent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9296 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-0e7b-47121a84cc5f /binaryPath="C:\Program Files (x86)\AVG\Av\\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
dashost.exe {9071697a-96eb-4d50-8360dc8789a94ab2}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k print
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
C:\Windows\system32\svchost.exe -k wcssvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{48DA6741-1BF0-4A44-8325-293086C79077}
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe -Embedding
taskhostex.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe" Service
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe" /HotCorners
C:\Windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
"C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
ctfmon.exe
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" d76d47e2-dda3-4e27-a433-ffb838298662
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4720.0.1730273730\127729838" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4080 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4720.2.2035516864\469736242" --font-cache-shared-handle=2204 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4720.3.1439128623\2110329962" --font-cache-shared-handle=2228 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4720.4.305476968\2053385910" --font-cache-shared-handle=2804 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4720.6.347467391\1779308039" --font-cache-shared-handle=1580 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\vincent\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ASC8_SkipUac_vincent.job - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac
C:\Windows\tasks\Uninstaller_SkipUac_vincent.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
C:\Windows\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.8\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default\extensions\
iobitascsurfingprotection@iobit.com

C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default\searchplugins\
avg-secure-search.xml
bing-avast.xml
google-avast.xml
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-18 2472224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01 672032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-09-30 8497368]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-10-12 1710752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2015-04-08 2429728]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-10-19 8551848]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-10-19 8551848]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-07-28 5889824]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-10-30 3826600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCleaner.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCleaner64.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\maintenanceservice_tmp.exe]
"Debugger="C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-28 18:56:23 ----D---- C:\rsit
2015-11-28 18:56:23 ----D---- C:\Program Files\trend micro
2015-11-28 11:24:40 ----D---- C:\Program Files\Speccy
2015-11-22 13:55:04 ----RHD---- C:\ESD
2015-11-22 13:11:54 ----D---- C:\RefreshImage
2015-11-21 16:03:32 ----D---- C:\Program Files\Microsoft Silverlight
2015-11-21 16:03:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-11-21 15:34:54 ----D---- C:\Program Files\Common Files\AV
2015-11-21 15:03:08 ----D---- C:\Program Files\Bonjour
2015-11-21 15:03:08 ----D---- C:\Program Files (x86)\Bonjour
2015-11-21 13:19:40 ----D---- C:\Windows\SoftwareDistribution
2015-11-21 13:17:31 ----D---- C:\Windows\softwaredistribution.bak
2015-11-21 12:19:49 ----D---- C:\Windows\SYSWOW64\NV
2015-11-21 12:19:49 ----D---- C:\Windows\system32\NV
2015-11-18 20:41:54 ----A---- C:\Windows\system32\nvshext.dll
2015-11-16 17:32:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-11-08 17:44:07 ----A---- C:\Windows\SYSWOW64\IObitSmartDefragExtension.dll
2015-11-08 17:44:07 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2015-11-06 02:08:50 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-11-06 02:08:40 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-11-06 02:08:04 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-11-06 02:08:04 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-11-06 02:07:40 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-11-06 02:07:38 ----A---- C:\Windows\system32\nvopencl.dll
2015-11-06 02:07:28 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-11-06 02:07:02 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-11-06 02:06:48 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-11-06 02:06:46 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-11-06 02:06:32 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-11-06 02:06:12 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-11-06 02:06:12 ----A---- C:\Windows\system32\nvinitx.dll
2015-11-06 02:06:10 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-11-06 02:06:10 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-11-06 02:06:08 ----A---- C:\Windows\system32\NvIFR64.dll
2015-11-06 02:06:06 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-11-06 02:05:10 ----A---- C:\Windows\system32\NvFBC64.dll
2015-11-06 02:05:08 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-11-06 02:05:06 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-11-06 02:05:06 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-11-06 02:05:02 ----A---- C:\Windows\system32\nvdispgenco6435435.dll
2015-11-06 02:04:58 ----A---- C:\Windows\system32\nvdispco6435435.dll
2015-11-06 02:04:50 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-11-06 02:04:40 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-11-06 02:04:30 ----A---- C:\Windows\system32\nvcuvid.dll
2015-11-06 02:04:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-11-06 02:04:22 ----A---- C:\Windows\system32\nvcuda.dll
2015-11-06 02:04:12 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-11-06 02:02:34 ----A---- C:\Windows\system32\nvcompiler.dll
2015-11-06 02:02:18 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-11-06 02:01:32 ----A---- C:\Windows\system32\nvapi64.dll
2015-11-06 02:01:28 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-11-06 01:52:24 ----A---- C:\Windows\system32\nvoglv64.dll
2015-11-01 21:30:05 ----N---- C:\bootsqm.dat
2015-11-01 21:10:32 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-11-01 21:10:32 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2015-11-01 21:09:00 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\SRRPTR64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\SRCOM64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\SRCOM.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\SRAPO64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\sltech64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\slprp64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\slcnt64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\sl3apo64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-11-01 21:09:00 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\SETE8E7.tmp
2015-11-01 21:08:59 ----A---- C:\Windows\system32\SETDE64.tmp
2015-11-01 21:08:59 ----A---- C:\Windows\system32\SETD54D.tmp
2015-11-01 21:08:59 ----A---- C:\Windows\system32\SETD1FD.tmp
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RTEED64A.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RtDataProc64.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RTCOM64.dll
2015-11-01 21:08:59 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-11-01 21:08:59
----A---- C:\Windows\system32\RP3DAA64.dll 2015-11-01 21:08:59 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys 2015-11-01 21:08:59 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT 2015-11-01 21:08:58 ----A---- C:\Windows\system32\RCoRes64.dat 2015-11-01 21:08:58 ----A---- C:\Windows\system32\RCoInstII64.dll 2015-11-01 21:08:54 ----A---- C:\Windows\system32\CX64APO.dll 2015-11-01 21:08:54 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-11-01 21:08:54 ----A---- C:\Windows\system32\AERTAR64.dll 2015-11-01 21:08:54 ----A---- C:\Windows\system32\AERTAC64.dll ======List of files/folders modified in the last 1 month====== 2015-11-28 18:56:23 ----RD---- C:\Program Files 2015-11-28 18:55:22 ----D---- C:\Windows\Temp 2015-11-28 18:36:06 ----D---- C:\Windows 2015-11-28 18:32:08 ----D---- C:\ProgramData\ProductData 2015-11-28 18:30:38 ----D---- C:\Windows\system32\config 2015-11-28 13:00:02 ----D---- C:\Windows\system32\sru 2015-11-28 12:26:51 ----D---- C:\Windows\Microsoft.NET 2015-11-28 12:26:49 ----RSD---- C:\Windows\assembly 2015-11-28 12:17:42 ----D---- C:\Windows\CbsTemp 2015-11-28 12:17:27 ----SHD---- C:\System Volume Information 2015-11-28 12:17:10 ----D---- C:\Windows\debug 2015-11-28 11:24:47 ----D---- C:\Windows\Inf 2015-11-28 10:56:03 ----D---- C:\Windows\system32\catroot2 2015-11-28 10:43:19 ----D---- C:\ProgramData\MFAData 2015-11-25 18:20:36 ----D---- C:\Windows\System32 2015-11-25 18:20:36 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-11-23 00:10:49 ----SHD---- C:\Windows\Installer 2015-11-23 00:10:49 ----SHD---- C:\Config.Msi 2015-11-23 00:10:14 ----D---- C:\Windows\SysWOW64 2015-11-22 14:31:38 ----D---- C:\Users\vincent\AppData\Roaming\HpUpdate 2015-11-22 13:14:56 ----D---- C:\Windows\Logs 2015-11-22 11:45:38 ----D---- C:\Windows\system32\catroot 2015-11-21 17:05:00 ----D---- C:\Windows\system32\DriverStore 2015-11-21 17:05:00 ----D---- C:\Program Files\Common Files\Apple 2015-11-21 16:03:32 ----RD---- C:\Program Files (x86) 
2015-11-21 15:46:02 ----D---- C:\Program Files\Common Files\microsoft shared
2015-11-21 15:37:14 ----D---- C:\Program Files (x86)\Google
2015-11-21 15:34:54 ----D---- C:\Program Files\Common Files
2015-11-21 15:28:52 ----D---- C:\Windows\system32\AppLocker
2015-11-21 15:24:22 ----D---- C:\Windows\Tasks
2015-11-21 15:24:22 ----D---- C:\Windows\system32\Tasks
2015-11-21 15:22:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-21 15:22:33 ----D---- C:\Intel
2015-11-21 15:21:22 ----D---- C:\Windows\SYSWOW64\wbem
2015-11-21 15:01:32 ----D---- C:\ProgramData\Apple
2015-11-21 15:01:32 ----D---- C:\Program Files (x86)\Common Files
2015-11-21 12:19:44 ----D---- C:\ProgramData\NVIDIA
2015-11-18 20:40:50 ----D---- C:\Windows\system32\Drivers
2015-11-15 22:23:08 ----D---- C:\Windows\system32\LogFiles
2015-11-15 22:22:53 ----SD---- C:\Windows\system32\Microsoft
2015-11-15 22:22:37 ----D---- C:\Windows\system32\MsDtc
2015-11-15 21:31:16 ----D---- C:\Windows\system32\MRT
2015-11-15 21:28:37 ----A---- C:\Windows\system32\MRT.exe
2015-11-08 20:54:10 ----D---- C:\Windows\Prefetch
2015-11-08 17:06:36 ----D---- C:\Windows\SYSWOW64\setup
2015-11-01 21:38:30 ----D---- C:\Windows\AUInstallAgent
2015-11-01 21:38:24 ----HD---- C:\Program Files\WindowsApps
2015-11-01 21:16:45 ----D---- C:\Users\vincent\AppData\Roaming\Wise Registry Cleaner
2015-11-01 21:09:57 ----D---- C:\Windows\LastGood
2015-11-01 21:09:48 ----D---- C:\Windows\SYSWOW64\RTCOM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-10-21 255408]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2015-09-30 1455552]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-11-06 40264]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-10-19 313776]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2015-10-08 306608]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-18 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2014-12-12 49504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-01-10 4856760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-11-01 4613888]
R3 MEIx64;@oem69.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2015-10-11 184608]
R3 netr28x;@oem27.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2014-12-12 2536648]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-11-06 11105936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;@oem68.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2013-03-01 156672]
R3 rtbth;@oem4.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\Windows\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem72.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-11-01 887536]
R3 RTSPER;@oem60.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2015-09-30 752856]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-09-30 33448]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2012-10-11 12288]
R3 SynTP;@oem37.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-24 495856]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2015-09-09 23152]
S1 MpKsl6c69c159;MpKsl6c69c159; C:\Windows\system32\drivers\MpKsl6c69c159.sys []
S1 ppfd_vw_1_10_0_21;ppfd_vw_1_10_0_21; C:\Windows\system32\drivers\ppfd_vw_1_10_0_21.sys []
S1 ppfd_vw_1_10_0_24;ppfd_vw_1_10_0_24; C:\Windows\system32\drivers\ppfd_vw_1_10_0_24.sys []
S3 avchv;@oem29.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 cxbu0x64;@oem47.inf,%VID1PID2ReaderDescription%;OMNIKEY 1021; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2014-05-14 147576]
S3 dg_ssudbus;@oem57.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-07-01 20872]
S3 IntcDAud;@oem64.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-10-15 454416]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2015-03-25 34848]
S3 RSUSBCCID;@oem46.inf,%USBCCID.DeviceDesc%;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys [2009-08-10 50176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 ssudmdm;@oem59.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2015-03-25 23016]
S3 USBAAPL64;@oem18.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-01 43008]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2015-03-25 23048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-08-05 821024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-10-30 3815648]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-10-30 579776]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-12 1156384]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-01-10 344168]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-07-17 882464]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-12 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-15 1255544]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-09-30 294616]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2015-09-21 1055008]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-10-19 339968]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-13 269000]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S2 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-19 147624]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-10-30 595376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-01-10 279144]
S4 vToolbarUpdater40.1.8;vToolbarUpdater40.1.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe [2015-10-04 1875856]

-----------------EOF-----------------