Logfile of random's system information tool 1.10 (written by random/random)
Run by Carl at 2014-09-15 19:23:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 23 GB (39%) free of 60 GB
Total RAM: 2013 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:50, on 15-9-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16843)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Users\Carl\AppData\Local\LPT\srptm.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Program Files\iMesh Applications\iMesh\iMesh.exe
C:\Users\Carl\AppData\Local\Smartbar\Application\SafeFinder.exe
C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_152_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Carl\Downloads\RSIT.exe
C:\Users\Carl\AppData\Local\Smartbar\Application\Lrcnta.exe
C:\Program Files\trend micro\Carl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SafeFinder SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [AutoLockProcess] C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe
O4 - HKLM\..\Run: [Acer PowerSaver] C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
O4 - HKLM\..\Run: [Acer SmartBoot] C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [WavXMgr] "C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe"
O4 - HKLM\..\Run: [SecureUpgrade] "C:\Program Files\Wave Systems Corp\SecureUpgrade.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [iMesh] "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Carl\AppData\Local\Smartbar\Application\SafeFinder.exe startup
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Acer SmartBoot Service (ASLSvc) - Acer Incorporated - C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files\LPT\srpts.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

--
End of file - 9467 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
SafeFinder SmartbarEngine - C:\Windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll [2014-04-29 510816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL [2012-11-15 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-04 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll [2014-04-29 510816]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-04 194504]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
{ae07101b-46d4-4a98-af68-0333ea26e113} - SafeFinder Smartbar - C:\Windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-11-18 261888]
"AutoLockProcess"=C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [2009-02-17 446464]
"Acer PowerSaver"=C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [2009-04-18 434176]
"Acer SmartBoot"=C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe [2009-05-13 376832]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-11-13 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-11-13 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-11-13 166424]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-11-17 8092192]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2009-10-09 134656]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2009-10-15 656696]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-16 91432]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-11 39408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2014-02-19 19753792]
"iMesh"=C:\Program Files\iMesh Applications\iMesh\iMesh.exe [2013-11-21 31010816]
"Browser Infrastructure Helper"=C:\Users\Carl\AppData\Local\Smartbar\Application\SafeFinder.exe [2014-08-27 28160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-11-06 226304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0 wvauth

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=iyvu9_32.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-09-15 16:15:33 ----D---- C:\Program Files\CCleaner
2014-09-15 15:38:19 ----D---- C:\ProgramData\1399
2014-09-15 15:23:19 ----D---- C:\Program Files\LPT
2014-09-15 15:07:18 ----D---- C:\ProgramData\12335
2014-09-13 18:50:30 ----D---- C:\ProgramData\Canneverbe Limited
2014-09-13 18:50:09 ----D---- C:\Users\Carl\AppData\Roaming\Canneverbe Limited
2014-09-13 18:50:07 ----D---- C:\Program Files\CDBurnerXP
2014-08-26 11:04:13 ----D---- C:\Program Files\TeamViewer
2014-08-25 22:31:52 ----A---- C:\Windows\wininit.ini
2014-08-21 16:14:00 ----A---- C:\Windows\system32\wups2.dll
2014-08-21 16:14:00 ----A---- C:\Windows\system32\wucltux.dll
2014-08-21 16:14:00 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-21 16:14:00 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-21 16:13:52 ----A---- C:\Windows\system32\wups.dll
2014-08-21 16:13:52 ----A---- C:\Windows\system32\wudriver.dll
2014-08-21 16:13:52 ----A---- C:\Windows\system32\wuapi.dll
2014-08-21 16:13:33 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-21 16:13:33 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-09-15 19:23:49 ----D---- C:\Program Files\trend micro
2014-09-15 19:22:47 ----AD---- C:\Windows
2014-09-15 19:20:38 ----D---- C:\Windows\temp
2014-09-15 16:35:14 ----SHD---- C:\System Volume Information
2014-09-15 16:30:50 ----SHD---- C:\Windows\Installer
2014-09-15 16:28:44 ----D---- C:\Program Files\PDFCreator
2014-09-15 16:28:35 ----D---- C:\Windows\Panther
2014-09-15 16:28:35 ----D---- C:\Windows\Logs
2014-09-15 16:28:35 ----D---- C:\Windows\inf
2014-09-15 16:28:35 ----D---- C:\Windows\debug
2014-09-15 16:15:38 ----D---- C:\Windows\system32\Tasks
2014-09-15 16:15:33 ----RD---- C:\Program Files
2014-09-15 15:51:10 ----D---- C:\Windows\system32\config
2014-09-15 15:38:19 ----D---- C:\ProgramData
2014-09-15 15:36:48 ----D---- C:\Windows\system32\catroot2
2014-09-15 15:31:27 ----D---- C:\Windows\system32\appmgmt
2014-09-15 15:22:06 ----D---- C:\Windows\Prefetch
2014-09-15 15:21:47 ----RSD---- C:\Windows\assembly
2014-09-15 15:21:39 ----SD---- C:\Users\Carl\AppData\Roaming\Microsoft
2014-09-15 15:14:22 ----D---- C:\Windows\System32
2014-09-15 13:10:56 ----D---- C:\Carl
2014-09-14 10:18:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-13 11:24:21 ----D---- C:\ProgramData\Norton
2014-09-13 11:24:20 ----D---- C:\Program Files\NortonInstaller
2014-09-13 11:22:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-08-30 17:38:46 ----D---- C:\Windows\ShellNew
2014-08-26 11:04:21 ----RSD---- C:\Windows\Fonts
2014-08-25 12:15:00 ----D---- C:\Windows\rescache
2014-08-25 10:33:28 ----D---- C:\Windows\winsxs
2014-08-25 10:33:02 ----D---- C:\Windows\system32\nl-NL
2014-08-21 16:14:12 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver; C:\Windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-03-12 22560]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1405000.01C\SYMDS.SYS [2013-05-20 367704]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1405000.01C\SYMEFA.SYS [2013-01-30 934488]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140912.003\BHDrvx86.sys [2014-09-13 1137368]
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NIS\1405000.01C\ccSetx86.sys [2013-04-15 134744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-09-13 378672]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140912.001\IDSvix86.sys [2014-08-29 476888]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1405000.01C\SRTSP.SYS [2013-05-15 603224]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1405000.01C\SRTSPX.SYS [2013-01-28 32344]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1405000.01C\Ironx86.SYS [2012-11-15 175264]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NIS\1405000.01C\SYMNETS.SYS [2013-04-24 339544]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\Windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-03-12 87072]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers\tvicport.sys [2009-02-06 14544]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2009-10-09 205824]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2009-02-06 6080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-11-15 274984]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-13 111408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-11-06 6229504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-17 2807392]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 30576]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140913.021\NAVENG.SYS [2014-08-21 95704]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140913.021\NAVEX15.SYS [2014-08-21 1636696]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 15360]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2013-11-29 142496]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 14336]
R3 vpcbus;Hostbusservice voor Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 vpcusb;Connectorservice voor USB-virtualisatie; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Carl\AppData\Local\Temp\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 ASLSvc;Acer SmartBoot Service; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [2009-05-13 417792]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 eLockService;eLock Service; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2009-02-18 24576]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2012-02-20 167520]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2012-02-20 142432]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-02-18 24576]
R2 Greg_Service;GRegService; C:\Program Files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 LPTSystemUpdater;LPT System Updater Service; C:\Program Files\LPT\srpts.exe [2014-08-27 32768]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [2013-05-20 144368]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-11-18 255744]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-25 135664]
S2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13 267440]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-25 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-25 194032]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2009-06-03 1019904]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-21 1343400]

-----------------EOF-----------------