DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18057
Run by roof_1 at 19:51:06 on 2015-10-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.65475.50762 [GMT 1:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
C:\Program Files\Blue Iris 4\BlueIrisService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe
C:\Program Files\Blue Iris 4\BlueIris.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
C:\Program Files\Ruiware\WinAntiRansom\WARSvc.exe
C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Ruiware\WinPrivacy\WinPrivacyTrayApp.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe
C:\Users\roof_1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
H:\1. Skydrive erstatter fra A disken 27.12.2012\OneDrive\WEATERLINK II NY FEBRUAR 2014\WeatherLink 6.0.3.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\bdwtxapps.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Buypass\Javafri løsning\Buypass.SCProxy.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\0.3 chrome mars 2015\MicrosoftFixit.Devices.RNP.1365786332178912.4.1.Run.exe
C:\Windows\TEMP\RunBoot-Temp_.08e5939b-b83d-4dae-8bd2-9d8da5e7cc64\MatsBoot.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Blue Iris 4\BlueIris.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://10.0.0.44/doc/page/main.asp
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Microsoft Web Test Recorder 14.0 Helper: {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} - C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
EB: Web Test Recorder 14.0: {054bd34d-c8d6-4577-84ce-a8e19812df6a} -
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
uRun: [AdobeBridge] "C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe" -stealth
uRun: [OneDrive] "C:\Users\roof_1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://rover.ebay.com/rover/0/e11051.m44.l1139/7?euid=f8a54e2c4ac74e83bce6eac67b5076dd&loc=http%3A%2F%2Fcontact.ebay.co.uk%2Fws%2FeBayISAPI.dll%3FM2MContact%26item%3D191307293106%26requested%3Dqchao2013%26qid%3D1138887102010%26redirect%3D0
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
mRun: [Javafri løsning] "C:\Program Files (x86)\Buypass\Javafri løsning\Buypass.SCProxy.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REVOUN~1.LNK - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WEATHE~1.LNK - C:\Windows\Installer\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}\_A197383735BFB6385E0702.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINANT~1.LNK - C:\Program Files\Ruiware\WinAntiRansom\WAR_TrayApp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files (x86)\WinZip\WZQKPICK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 130.67.15.198 193.213.112.4 10.0.0.138
TCP: Interfaces\{90F996A2-EE0C-437D-A118-1F84C0DA15FB} : DHCPNameServer = 130.67.15.198 193.213.112.4 10.0.0.138
SSODL: WebCheck -
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-TB: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll
x64-EB: Web Test Recorder 14.0: {054bd34d-c8d6-4577-84ce-a8e19812df6a} -
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_DTS] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [WinPrivacy] C:\Program Files\Ruiware\WinPrivacy\WinPrivacyTrayApp.exe
x64-Run: [UMonit] C:\Windows\SysWOW64\UMonit64.exe
x64-SSODL: WebCheck -
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760]
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2015-8-27 1369288]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2015-8-27 160032]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2012-2-23 27440]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2015-8-26 55280]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2015-8-27 107080]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2015-8-27 76944]
R1 rwpvcy;rwpvcy;C:\Windows\System32\drivers\rwpvcy.sys [2015-10-7 49944]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-7-22 680112]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2015-8-26 936728]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2015-8-26 954648]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [2015-8-26 1656464]
R2 BlueIris;Blue Iris Service;C:\Program Files\Blue Iris 4\BlueIrisService.exe [2015-9-28 59960]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2015-8-26 240576]
R2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2015-9-6 413848]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-9-6 1156384]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2015-8-6 273904]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-8-26 169432]
R2 Marvell Storage Management;Marvell Storage Management Service;C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe [2012-4-9 351592]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-8-26 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-8-26 1135416]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-7-15 786256]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-9-6 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-9-6 5568288]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2015-8-26 614664]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-9-11 743688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-10-9 417400]
R2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2015-7-16 105112]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [2015-8-27 67320]
R2 WARSvc;WARSvc;C:\Program Files\Ruiware\WinAntiRansom\WARSvc.exe [2015-10-20 189576]
R2 WinPrivacySvc;WinPrivacySvc;C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe [2015-10-7 466568]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2014-3-7 138456]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2014-3-7 424664]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2015-8-27 271272]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2015-9-7 172760]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2015-9-7 22736]
R3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2012-12-3 95344]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2012-12-3 21872]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2015-9-7 598808]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2015-9-7 39976]
R3 cxbu0x64;OMNIKEY 3x21;C:\Windows\System32\drivers\cxbu0x64.sys [2014-4-5 191224]
R3 GeneStor;Genesys Logic Storage Driver;C:\Windows\System32\drivers\GeneStor.sys [2015-10-21 185744]
R3 hcwD1capture;Hauppauge Colossus Capture Service;C:\Windows\System32\drivers\hcwD1cap.sys [2015-8-26 243528]
R3 hcwD1encoder;Hauppauge Colossus Encoder Service;C:\Windows\System32\drivers\hcwD1xcd.sys [2015-8-26 8496640]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-8-26 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-8-26 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-8-26 63704]
R3 Mv_Process;Marvell process notification.;C:\Windows\SysWOW64\Mv_Process.sys [2011-11-22 14376]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-9-6 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-9-6 50472]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-10-23 986368]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2011-11-21 101376]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2011-11-21 217088]
R3 semav6msr64;semav6msr64;C:\Windows\System32\drivers\semav6msr64.sys [2015-9-6 21984]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2015-8-27 93600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-6-19 104120]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-6-19 124088]
S2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2015-9-9 135824]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2015-10-29 127752]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-2-18 315488]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2015-8-27 747120]
S3 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [2015-8-27 78144]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2015-8-27 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2015-8-27 82824]
S3 CH341SER_A64;CH341SER_A64;C:\Windows\System32\drivers\CH341S64.SYS [2015-8-26 58368]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2015-9-11 110720]
S3 iANSMiniport;Intel(R) Advanced Network Services Virtual Adapter;C:\Windows\System32\drivers\iANSW60e.sys [2015-2-5 166032]
S3 IANSPROTOCOL;Intel(R) Advanced Network Services Protocol;C:\Windows\System32\drivers\iANSW60e.sys [2015-2-5 166032]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-10-14 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-8-29 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2015-8-27 31800]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2015-9-11 206080]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-8-29 56832]
S3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2015-9-6 413848]
S3 VSStandardCollectorService140;Visual Studio Standard Collector Service;C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [2015-7-6 52968]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-8-27 1255736]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
S4 MSUWebService;MSU Web Service;C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe [2011-11-22 24645]
S4 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2015-8-27 94624]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .ini: inifile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .inf: inffile="C:\Windows\System32\NOTEPAD.EXE" %1
ShellExec: BlueIris.exe: open="C:\PROGRA~1\BLUEIR~1\BlueIrisAdmin.exe" "%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2015-10-29 02:23:40 -------- d-----w- C:\Program Files\HitmanPro
2015-10-29 02:08:15 -------- d-----w- C:\ProgramData\HitmanPro
2015-10-26 00:54:13 -------- d-----w- C:\Users\roof_1\AppData\Roaming\Wings3D
2015-10-25 22:20:20 3210240 ----a-w- C:\Windows\System32\win32k.sys
2015-10-23 02:01:54 986368 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2015-10-23 02:01:54 82544 ----a-w- C:\Windows\System32\RtNicProp64.dll
2015-10-21 06:55:20 1730304 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2015-10-21 06:55:16 169752 ----a-w- C:\Windows\System32\GSCoinst.dll
2015-10-21 06:55:12 5636296 ----a-w- C:\Windows\System32\GeneIcon.dll
2015-10-21 06:52:50 185744 ----a-w- C:\Windows\System32\drivers\GeneStor.sys
2015-10-20 19:57:28 -------- d-----w- C:\Logs
2015-10-20 19:56:02 16152 ----a-w- C:\Windows\SysWow64\drivers\CGKDarkWatcher.sys
2015-10-14 22:47:48 -------- d-----w- C:\Users\roof_1\Web
2015-10-13 22:34:53 5569472 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-10-13 22:12:31 1866752 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2015-10-13 22:12:31 1498624 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2015-10-13 22:12:22 544768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll
2015-10-13 22:12:22 503296 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-10-13 22:12:22 348672 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-10-13 22:12:22 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2015-10-13 22:12:22 1247232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
2015-10-13 22:12:22 110592 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll
2015-10-13 22:12:22 10240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2015-10-13 17:12:21 -------- d-----w- C:\Users\roof_1\Ny mappe
2015-10-13 17:11:59 -------- d-----w- C:\Users\roof_1\0.0 BLUE IRIS DATABASE
2015-10-12 01:55:39 -------- d-----w- C:\Users\roof_1\Tracing
2015-10-12 01:47:58 -------- d-----w- C:\Users\roof_1\AppData\Local\Skype
2015-10-12 01:47:51 -------- d-----r- C:\Program Files (x86)\Skype
2015-10-09 00:42:33 102520 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-10-08 01:30:57 -------- d-----w- C:\ProgramData\DesignSpark PCB
2015-10-08 00:02:29 -------- d-----w- C:\Users\roof_1\AppData\Roaming\DesignSpark PCB
2015-10-08 00:02:29 -------- d-----w- C:\Program Files (x86)\DesignSpark
2015-10-07 17:28:30 -------- d-----w- C:\Program Files (x86)\BillP Studios
2015-10-07 17:04:46 49944 ----a-w- C:\Windows\System32\drivers\rwpvcy.sys
2015-10-07 17:04:45 -------- d-----w- C:\Users\roof_1\AppData\Local\WinPatrol
2015-10-07 17:04:43 -------- d-----w- C:\ProgramData\WinPatrol
2015-10-07 17:04:43 -------- d-----w- C:\Program Files\WinPatrol
2015-10-07 17:04:43 -------- d-----w- C:\Program Files\Ruiware
2015-10-07 15:36:14 -------- d-----w- C:\Users\roof_1\AppData\Roaming\WinPatrol
2015-10-07 15:36:10 -------- d-----w- C:\ProgramData\InstallMate
2015-10-07 15:36:10 -------- d-----w- C:\Program Files (x86)\Ruiware
2015-10-04 10:03:35 -------- d-----w- C:\Users\roof_1\4.10.15
2015-10-02 14:40:50 17314496 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
.
==================== Find3M ====================
.
2015-10-29 18:11:37 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-10-29 02:39:14 1048576 ----a-w- C:\Windows\PE_Rom.dll
2015-10-25 22:18:23 6656 ----a-w- C:\Windows\System32\bcmwlrc.dll
2015-10-25 14:18:01 96600 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2015-10-25 14:18:01 7765240 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS
2015-10-25 14:18:01 4401152 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2015-10-25 14:18:01 3667968 ----a-w- C:\Windows\System32\bcmihvui64.dll
2015-10-23 02:00:32 116304 ----a-w- C:\Windows\System32\RTNUninst64.dll
2015-10-21 06:55:16 61744 ----a-w- C:\Windows\SysWow64\UMonit64.exe
2015-10-17 16:47:10 780488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-10-17 16:47:10 142536 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-12 03:05:01 1423304 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2015-10-12 03:05:01 1316000 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2015-10-12 03:04:46 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
2015-10-12 03:04:46 1710752 ----a-w- C:\Windows\System32\nvspcap64.dll
2015-10-05 07:50:18 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-10-05 07:50:10 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-10-05 07:50:06 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-10-03 02:49:56 6358648 ----a-w- C:\Windows\System32\nvcpl.dll
2015-10-03 02:49:56 2982520 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-10-03 02:49:54 938800 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-10-03 02:49:54 62768 ----a-w- C:\Windows\System32\nvshext.dll
2015-10-03 02:49:54 385328 ----a-w- C:\Windows\System32\nvmctray.dll
2015-10-03 02:49:54 2554488 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-10-01 18:06:49 692672 ----a-w- C:\Windows\System32\winload.efi
2015-10-01 18:04:11 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-10-01 18:00:59 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-10-01 18:00:43 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-10-01 18:00:43 32768 ----a-w- C:\Windows\System32\appidsvc.dll
2015-10-01 18:00:06 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2015-10-01 18:00:06 147456 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2015-10-01 17:50:35 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2015-10-01 17:00:54 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2015-10-01 09:33:41 5284082 ----a-w- C:\Windows\System32\nvcoproc.bin
2015-09-29 03:13:50 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-09-29 03:11:19 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-09-29 03:11:19 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-09-29 03:11:19 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-09-29 03:11:19 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-09-29 03:11:06 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-09-29 03:11:03 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-09-29 03:11:01 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-09-29 03:11:01 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-09-29 03:10:59 1216512 ----a-w- C:\Windows\System32\rpcrt4.dll
2015-09-29 03:10:56 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2015-09-29 03:10:55 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2015-09-29 03:10:53 729088 ----a-w- C:\Windows\System32\kerberos.dll
2015-09-29 03:10:53 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2015-09-29 03:10:47 44032 ----a-w- C:\Windows\System32\cryptbase.dll
2015-09-29 03:10:47 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-09-29 03:10:47 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-09-29 03:10:30 112640 ----a-w- C:\Windows\System32\smss.exe
2015-09-29 03:10:25 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-09-29 03:09:59 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-09-29 03:09:53 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-09-29 03:05:56 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-09-29 03:05:36 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-09-29 03:05:01 3990976 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-09-29 03:05:01 3936192 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-09-29 03:02:09 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-09-29 02:59:20 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-09-29 02:59:17 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-09-29 02:59:16 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-09-29 02:59:10 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-09-29 02:59:08 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-09-29 02:59:04 552960 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-09-29 02:58:57 36864 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2015-09-29 02:58:57 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-09-29 02:58:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-09-29 02:58:36 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-09-29 02:58:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-09-29 02:57:53 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-09-29 02:57:53 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-09-29 02:57:52 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-09-29 02:53:44 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-09-29 02:53:28 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-09-29 01:50:29 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-09-29 01:49:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-09-29 01:49:31 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-09-29 01:43:29 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-09-29 01:43:27 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-09-29 01:40:57 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-09-29 01:40:57 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-29 01:40:57 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-29 01:40:57 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-09-28 11:34:35 6420480 ----a-w- C:\Program Files (x86)\GUTE531.tmp
2015-09-25 18:07:19 98816 ----a-w- C:\Windows\System32\wudriver.dll
2015-09-25 18:07:19 3168768 ----a-w- C:\Windows\System32\wucltux.dll
2015-09-25 18:07:19 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2015-09-25 18:06:54 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-09-25 18:06:44 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-09-25 18:06:40 37888 ----a-w- C:\Windows\System32\wuapp.exe
2015-09-25 17:59:08 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-09-25 17:59:08 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-09-25 17:58:25 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-09-18 19:22:39 25432 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2015-09-18 19:19:26 700416 ----a-w- C:\Windows\System32\invagent.dll
2015-09-18 19:19:23 766464 ----a-w- C:\Windows\System32\generaltel.dll
2015-09-18 19:19:20 503808 ----a-w- C:\Windows\System32\devinv.dll
2015-09-18 19:19:17 73216 ----a-w- C:\Windows\System32\acmigration.dll
.
============= FINISH: 19:51:24,21 ===============