Logfile of random's system information tool 1.10 (written by random/random) Run by Anthony at 2014-09-08 21:16:49 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 202 GB (66%) free of 305 GB Total RAM: 7655 MB (65% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:17:03, on 8-9-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17239) Boot mode: Normal Running processes: C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Users\Anthony\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe C:\Program Files\trend micro\Anthony.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: MediaViewV1alpha3050 - {23398596-cfb3-463e-b896-8976097993b3} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3050\ie\MediaViewV1alpha3050.dll (file missing) O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: VideoPlayerV3beta335 - {4dc528cf-3142-4193-b86d-7d2c121eb9b7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta335\ie\VideoPlayerV3beta335.dll (file missing) O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Search Assistant BHO - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll O2 - BHO: WebexpEnhancedV1alpha27 - {ba5f1506-0faa-4db0-a6bd-9928b703f977} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha27\ie\WebexpEnhancedV1alpha27.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hbar.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [Allin1Convert EPM Support] "C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hmedint.exe" T8EPMSUP.DLL,S O4 - HKLM\..\Run: [Allin1Convert Search Scope Monitor] "C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hsrchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader] C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader 64] C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Copy] "C:\Users\Anthony\AppData\Roaming\Copy\CopyAgent.exe" O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Anthony\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Toshiba Places Icon Utility.lnk = ? O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{2D7CD791-5B1A-402A-A55A-2BA26E1594BA}: NameServer = 195.130.130.132,195.130.131.132 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Allin1ConvertService (Allin1Convert_8hService) - COMPANYVERS_NAME - C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hbarsvc.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17133 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\system32\WLANExt.exe 33767968 \??\C:\Windows\system32\conhost.exe "932889575-10392254741486278361432414519-59201192295137121818806443051815784862 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hbarsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe" "C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe" "C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "C:\Program Files\Toshiba\Power Saver\TPwrMain.exe" "C:\Program Files\Toshiba\FlashCards\TCrdMain.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Toshiba\TECO\Teco.exe" /r "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\TODDSrv.exe "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3220 "C:\Program Files\TOSHIBA\TECO\TecoService.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" taskeng.exe {281B4B20-FBE6-4C1B-A328-42A557B55A60} "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\diMaster.dll" /prefetch:1 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe" "C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR "C:\Users\Anthony\AppData\Roaming\Copy\CopyAgent.exe" "C:\Users\Anthony\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe" "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" "C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe" "C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe" "C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe" "C:\Program Files\PowerISO\PWRISOVM.EXE" -startup "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe" "C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe" /c /a /s UserSession "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe" "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe" "C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" "c:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="120.0.2082096894\44340565" /prefetch:3 "C:\Windows\system32\wuauclt.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe" "C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --ran-launcher "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --ran-launcher /crash-reporter-parent-id=4824 "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=gpu-process --channel="4824.0.2115071727\1380250662" --crash-reporter-pid=976 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9641 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.911.6.0 --crash-reporter-pid=976 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=nl --extension-process --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=976 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="4824.2.1375083618\1189010602" /prefetch:673131151 "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=nl --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=976 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="4824.4.1706693960\1416444227" /prefetch:673131151 "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=nl --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=976 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="4824.12.1205356092\395482341" /prefetch:673131151 "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=nl --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=976 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="4824.13.2054553967\493997161" /prefetch:673131151 "C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=nl --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=976 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="4824.14.704912436\1332070050" /prefetch:673131151 taskeng.exe {3CB7E979-0C82-40DB-8D8E-6A09E32CC5F0} C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Users\Anthony\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2037804108-4009389822-1668227099-1001Core.job - C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2037804108-4009389822-1668227099-1001UA.job - C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll [2014-07-31 916320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23398596-cfb3-463e-b896-8976097993b3}] Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3050\ie\MediaViewV1alpha3050.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4dc528cf-3142-4193-b86d-7d2c121eb9b7}] Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta335\ie\VideoPlayerV3beta335.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll [2014-07-31 654688] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL [2014-07-23 392336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-29 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}] Search Assistant BHO - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2014-01-03 140360] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba5f1506-0faa-4db0-a6bd-9928b703f977}] Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha27\ie\WebexpEnhancedV1alpha27.dll [2013-12-19 87552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-29 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] Toolbar BHO - C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hbar.dll [2014-01-03 859720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll [2014-07-31 916320] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352] {cd1a63ba-a08c-431b-9a34-f240aadc728d} - Allin1Convert - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-01-03 859720] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll [2014-07-31 654688] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2011-03-30 38304] "Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-03-02 566696] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2010-09-25 296824] "TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2011-03-09 967544] "SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-12-14 316032] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592] "Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2011-04-07 1544104] "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040] "TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-07-01 712096] "TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-03-03 597928] "TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2011-08-10 150992] "Allin1Convert Home Page Guard 64 bit"=C:\PROGRA~2\ALLIN1~1\bar\1.bin\AppIntegrator64.exe [2014-01-03 485448] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-05-16 846936] "Facebook Update"=C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver [] "DAEMON Tools Ultra Agent"=C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [2014-02-12 3195096] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352] "Copy"=C:\Users\Anthony\AppData\Roaming\Copy\CopyAgent.exe [2014-08-02 15367824] "Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2014-06-24 4566952] "SkyDrive"=C:\Users\Anthony\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-09-08 251040] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "NBAgent"=c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-06-29 1409424] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-11 343168] "TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-04 252792] "ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2010-11-29 1294712] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [] "Allin1Convert EPM Support"=C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hmedint.exe [2014-01-03 12872] "Allin1Convert Search Scope Monitor"=C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hsrchmn.exe [2014-01-03 55368] "Allin1Convert_8h Browser Plugin Loader"=C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe [2014-01-03 61512] "Allin1Convert_8h Browser Plugin Loader 64"=C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe [2014-01-03 71752] "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2014-02-03 377368] "IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168] "Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-05-26 2688920] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NofolderOptions"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "mixer5"=wdmaud.drv "vidc.mjpg"=bdmjpeg64.dll "vidc.mpeg"=bdmpegv64.dll "msacm.bdmpeg"=bdmpega64.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-09-08 21:16:49 ----D---- C:\rsit 2014-09-08 21:16:49 ----D---- C:\Program Files\trend micro 2014-09-08 20:32:22 ----HD---- C:\OneDriveTemp 2014-09-08 00:58:31 ----D---- C:\Program Files (x86)\Microsoft OneDrive 2014-09-08 00:58:08 ----D---- C:\ProgramData\Microsoft OneDrive 2014-09-06 00:37:44 ----D---- C:\Program Files (x86)\MetaGeek 2014-09-06 00:26:13 ----A---- C:\Windows\system32\activity.txt 2014-09-05 23:19:15 ----A---- C:\Windows\wininit.ini 2014-09-05 21:52:36 ----A---- C:\Windows\system32\sdnclean64.exe 2014-09-05 21:52:32 ----D---- C:\ProgramData\Spybot - Search & Destroy 2014-09-05 21:52:19 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-09-02 15:32:47 ----D---- C:\Program Files (x86)\GeoGebra 4.4 2014-08-27 21:56:58 ----A---- C:\Windows\system32\win32k.sys 2014-08-27 21:56:57 ----A---- C:\Windows\system32\gdi32.dll 2014-08-27 21:56:53 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2014-08-18 21:01:03 ----A---- C:\Windows\SYSWOW64\infocardapi.dll 2014-08-18 21:01:03 ----A---- C:\Windows\system32\infocardapi.dll 2014-08-18 21:01:02 ----A---- C:\Windows\SYSWOW64\icardagt.exe 2014-08-18 21:01:02 ----A---- C:\Windows\system32\icardagt.exe 2014-08-18 21:01:00 ----A---- C:\Windows\SYSWOW64\icardres.dll 2014-08-18 21:01:00 ----A---- C:\Windows\system32\icardres.dll 2014-08-18 21:00:04 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe 2014-08-18 21:00:04 ----A---- C:\Windows\system32\TsWpfWrp.exe 2014-08-17 19:18:40 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-08-17 19:18:40 ----A---- C:\Windows\system32\tzres.dll 2014-08-17 19:18:13 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-08-17 19:18:13 ----A---- C:\Windows\system32\msi.dll 2014-08-17 19:18:13 ----A---- C:\Windows\system32\authui.dll 2014-08-17 19:18:12 ----A---- C:\Windows\SYSWOW64\msihnd.dll 2014-08-17 19:18:12 ----A---- C:\Windows\SYSWOW64\authui.dll 2014-08-17 19:18:12 ----A---- C:\Windows\system32\msihnd.dll 2014-08-17 19:18:12 ----A---- C:\Windows\system32\consent.exe 2014-08-17 19:18:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-08-17 19:18:02 ----A---- C:\Windows\system32\shell32.dll 2014-08-17 19:18:01 ----A---- C:\Windows\SYSWOW64\shell32.dll 2014-08-17 19:17:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-08-17 19:17:46 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-08-17 19:17:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-08-17 19:17:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-08-17 19:17:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-08-17 19:17:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-08-17 19:17:45 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-08-17 19:17:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-08-17 19:17:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-08-17 19:17:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-08-17 19:17:44 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-17 19:17:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-08-17 19:17:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-08-17 19:17:40 ----A---- C:\Windows\system32\urlmon.dll 2014-08-17 19:17:40 ----A---- C:\Windows\system32\iernonce.dll 2014-08-17 19:17:40 ----A---- C:\Windows\system32\ie4uinit.exe 2014-08-17 19:17:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-08-17 19:17:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-08-17 19:17:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-08-17 19:17:39 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-08-17 19:17:38 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-08-17 19:17:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-08-17 19:17:38 ----A---- C:\Windows\system32\msfeeds.dll 2014-08-17 19:17:38 ----A---- C:\Windows\system32\dxtmsft.dll 2014-08-17 19:17:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-08-17 19:17:36 ----A---- C:\Windows\system32\iesetup.dll 2014-08-17 19:17:35 ----A---- C:\Windows\system32\iedkcs32.dll 2014-08-17 19:17:34 ----A---- C:\Windows\system32\iertutil.dll 2014-08-17 19:17:33 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-08-17 19:17:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-08-17 19:17:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-08-17 19:17:32 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-08-17 19:17:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-08-17 19:17:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-08-17 19:17:32 ----A---- C:\Windows\system32\jsproxy.dll 2014-08-17 19:17:31 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-08-17 19:17:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-08-17 19:17:30 ----A---- C:\Windows\system32\ieui.dll 2014-08-17 19:17:30 ----A---- C:\Windows\system32\ieframe.dll 2014-08-17 19:17:30 ----A---- C:\Windows\system32\dxtrans.dll 2014-08-17 19:17:29 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-08-17 19:17:29 ----A---- C:\Windows\system32\mshtmled.dll 2014-08-17 19:17:29 ----A---- C:\Windows\system32\jscript9diag.dll 2014-08-17 19:17:29 ----A---- C:\Windows\system32\ieUnatt.exe 2014-08-17 19:17:28 ----A---- C:\Windows\system32\vbscript.dll 2014-08-17 19:17:28 ----A---- C:\Windows\system32\jscript9.dll 2014-08-17 19:17:27 ----A---- C:\Windows\system32\wininet.dll 2014-08-17 19:17:27 ----A---- C:\Windows\system32\ieapfltr.dll 2014-08-17 19:17:26 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-08-17 19:17:25 ----A---- C:\Windows\system32\msrating.dll 2014-08-17 19:17:24 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-17 19:17:24 ----A---- C:\Windows\system32\mshtml.dll 2014-08-17 19:16:59 ----A---- C:\Windows\system32\rpcrt4.dll 2014-08-17 19:16:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2014-08-17 19:13:50 ----A---- C:\Windows\system32\aepdu.dll 2014-08-17 19:13:49 ----A---- C:\Windows\system32\aeinv.dll ======List of files/folders modified in the last 1 month====== 2014-09-08 21:16:49 ----RD---- C:\Program Files 2014-09-08 21:13:08 ----D---- C:\Windows\Temp 2014-09-08 20:53:10 ----D---- C:\Windows\system32\config 2014-09-08 20:32:26 ----D---- C:\Windows\System32 2014-09-08 20:32:26 ----D---- C:\Windows\inf 2014-09-08 20:32:26 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-09-08 01:42:35 ----D---- C:\Users\Anthony\AppData\Roaming\Dropbox 2014-09-08 01:42:24 ----D---- C:\Users\Anthony\AppData\Roaming\Copy 2014-09-08 01:40:30 ----D---- C:\Windows\Prefetch 2014-09-08 00:58:31 ----RD---- C:\Program Files (x86) 2014-09-08 00:58:08 ----HD---- C:\ProgramData 2014-09-07 03:58:00 ----SHD---- C:\System Volume Information 2014-09-06 01:27:58 ----D---- C:\Program Files (x86)\Canon 2014-09-06 00:37:50 ----SHD---- C:\Windows\Installer 2014-09-06 00:30:16 ----D---- C:\Program Files (x86)\TeamViewer 2014-09-06 00:30:13 ----RSD---- C:\Windows\Fonts 2014-09-05 23:23:42 ----D---- C:\Windows\system32\NDF 2014-09-05 23:20:55 ----D---- C:\Windows\system32\catroot2 2014-09-05 23:19:26 ----D---- C:\Program Files (x86)\Common Files 2014-09-05 23:19:16 ----D---- C:\ProgramData\Tarma Installer 2014-09-05 23:19:15 ----D---- C:\Windows 2014-09-05 21:52:50 ----SD---- C:\ProgramData\Microsoft 2014-09-05 07:37:13 ----D---- C:\Users\Anthony\AppData\Roaming\uTorrent 2014-09-05 00:20:37 ----D---- C:\ProgramData\CanonIJPLM 2014-09-04 22:29:25 ----D---- C:\Windows\system32\Tasks 2014-09-04 22:18:42 ----D---- C:\Windows\system32\drivers\NISx64 2014-09-03 11:03:02 ----D---- C:\Windows\SysWOW64 2014-09-02 21:13:09 ----D---- C:\Program Files (x86)\Opera 2014-08-29 18:39:18 ----D---- C:\Windows\winsxs 2014-08-28 23:24:56 ----D---- C:\Users\Anthony\AppData\Roaming\vlc 2014-08-27 21:54:35 ----D---- C:\Windows\system32\catroot 2014-08-25 02:21:32 ----D---- C:\Program Files (x86)\Google 2014-08-22 17:31:15 ----D---- C:\Windows\Microsoft.NET 2014-08-22 17:29:50 ----RSD---- C:\Windows\assembly 2014-08-19 18:40:15 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-08-19 18:40:15 ----D---- C:\Windows\system32\nl-NL 2014-08-19 18:40:14 ----D---- C:\Windows\ehome 2014-08-19 18:40:02 ----D---- C:\Windows\system32\drivers 2014-08-19 18:40:01 ----D---- C:\Program Files\Internet Explorer 2014-08-19 18:40:00 ----D---- C:\Windows\SYSWOW64\en-US 2014-08-19 18:39:58 ----D---- C:\Windows\PolicyDefinitions 2014-08-19 18:39:57 ----D---- C:\Windows\system32\en-US 2014-08-19 18:39:53 ----D---- C:\Program Files (x86)\Internet Explorer 2014-08-18 20:59:24 ----SD---- C:\Windows\system32\CompatTel ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-01 381440] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1505000.013\SYMDS64.SYS [2013-10-30 493656] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1505000.013\SYMEFA64.SYS [2014-03-04 1148120] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840] R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [2014-08-19 1588016] R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [2014-02-25 162392] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-01 283064] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-06-11 486192] R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20140905.001\IDSvia64.sys [2014-08-29 633560] R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2014-02-03 129944] R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [2014-02-13 875736] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [2013-10-30 36952] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [2013-10-30 264280] R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [2014-02-18 593112] R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-11 10496512] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 326656] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-12-17 2675712] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-09-24 116752] R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-01-27 1577088] R3 dtscsibus;DAEMON Tools Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtscsibus.sys [2014-03-01 29696] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-07-11 142128] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-02-09 77424] R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140907.003\ENG64.SYS [2014-08-31 129752] R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140907.003\EX64.SYS [2014-08-31 2137304] R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096] R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\drivers\QIOMem.sys [2009-06-15 12800] R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2012-07-31 38992] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-04-14 177752] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784] R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664] R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 292024] R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864] R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904] R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472] R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984] S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys [2010-11-30 307304] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528] S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 Allin1Convert_8hService;Allin1ConvertService; C:\PROGRA~2\ALLIN1~1\bar\1.bin\8hbarsvc.exe [2014-01-03 88648] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 204288] R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200] R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456] R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312] R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [2014-07-31 276376] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2010-12-09 489384] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-04-07 294328] R3 Disc Soft Bus Service;Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [2014-02-12 753880] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632] R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176] S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-14 227904] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-04-18 119408] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080] S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [2012-05-13 18432] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [2012-04-19 8177664] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-17 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------