Logfile of random's system information tool 1.10 (written by random/random) Run by marcwoutes at 2014-12-21 12:11:13 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 137 GB (30%) free of 465 GB Total RAM: 5118 MB (21% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:11:22, on 21/12/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16599) Boot mode: Normal Running processes: C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Temp\explorer.exe C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe C:\Program Files (x86)\AirVideoServer HD\ExternalEncoder.exe C:\hp\kbd\kbd.exe C:\Windows\SysWOW64\DllHost.exe c:\program files (x86)\internet explorer\iexplore.exe c:\program files (x86)\internet explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe c:\program files (x86)\internet explorer\iexplore.exe C:\Program Files\trend micro\marcwoutes.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1417265330&from=exp&uid=ST3500630AS_5QG2SRV9&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1417265330&from=exp&uid=ST3500630AS_5QG2SRV9&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1417265330&from=exp&uid=ST3500630AS_5QG2SRV9&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1417265330&from=exp&uid=ST3500630AS_5QG2SRV9&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: iToolsBHO - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\marcwoutes\Documents\iTools\Plugin\iToolsBHO.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe O4 - HKLM\..\Run: [BePCSC] C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [AirVideoServerHD] C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [AdobeUpdate] C:\TEMP\explorer.exe O4 - HKCU\..\Run: [DVDFab Passkey] "C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: MyPC Backup.lnk = ? O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.hola.org O15 - Trusted Zone: http://www.runaware.com O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} - http://foto.hema.be/ips-opdata/layout/hema/objects/canvasx.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} (CNeroSerialChecker Object) - http://www.nero.com/doc/NeroVersionChecker.cab O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.radio-annick.be/auth/controls/IlosoftImageUpload.dll O16 - DPF: {F8E691A0-C92E-4E42-9CDA-62FC07A9483B} (nvUnifiedControl Control) - http://www.thaicam.com/nvUnifiedControl.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{696038D2-D174-4F41-9876-25FAE94D0346}: NameServer = 216.87.84.209,216.87.84.211 O17 - HKLM\System\CS1\Services\Tcpip\..\{696038D2-D174-4F41-9876-25FAE94D0346}: NameServer = 216.87.84.209,216.87.84.211 O17 - HKLM\System\CS2\Services\Tcpip\..\{696038D2-D174-4F41-9876-25FAE94D0346}: NameServer = 216.87.84.209,216.87.84.211 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participações Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PostgreSQL Database Server (pgsql-8.0) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.0\bin\pg_ctl.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 14509 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 wininit.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe c:\windows\system32\svchost.exe -k dcomlaunch "C:\Windows\system32\nvvsvc.exe" c:\windows\system32\svchost.exe -k rpcss c:\windows\system32\svchost.exe -k localservicenetworkrestricted "C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe" "C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe" c:\windows\system32\svchost.exe -k localsystemnetworkrestricted c:\windows\system32\svchost.exe -k netsvcs c:\windows\system32\svchost.exe -k gpsvcgroup C:\Windows\system32\SLsvc.exe c:\windows\system32\svchost.exe -k localservice "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first c:\windows\system32\svchost.exe -k networkservice taskeng.exe {E3EE1AD6-1CB7-456B-B1D8-70C478F85A18} C:\Windows\System32\spoolsv.exe c:\windows\system32\svchost.exe -k localservicenonetwork "C:\Windows\system32\Dwm.exe" taskeng.exe {6C52CC5F-0C42-4534-B629-016312070AFD} C:\Windows\Explorer.EXE "C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe" "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe" "C:\WINDOWS\ehome\ehtray.exe" "C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "C:\Temp\explorer.exe" "C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n "C:\hp\support\hpsysdrv.exe" "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" c:\windows\system32\svchost.exe -k bthsvcs "C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE" "C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE" C:\Windows\SysWOW64\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI C:\Windows\ehome\ehmsas.exe -Embedding "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance c:\hp\HPEZBTN\HPBtnSrv.exe "C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe" "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sRADIONOMY536765 "C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER "C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\diMaster.dll" /prefetch:1 "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" c:\windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe" c:\windows\system32\svchost.exe -k wersvcgroup "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0f1d1b9b-c5a8-4202-891f-ed111c2aef60 -SystemEventPortName:HostProcess-5bdadbf3-4fe2-40ca-a1d9-3d085846dd4f -IoCancelEventPortName:HostProcess-588dbdfe-49ea-4136-a0ec-55db6e276464 -NonStateChangingEventPortName:HostProcess-b75a5168-afa3-4a86-ab68-211b824e57fb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5480b38c-bf8f-4764-aa78-a682a6877e12 -DeviceGroupId:WpdFsGroup WLIDSvcM.exe 3800 "C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe" "C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /c /a /s UserSession C:\Windows\System32\mobsync.exe -Embedding "C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe" -Embedding "C:\Program Files (x86)\AirVideoServer HD\ExternalEncoder.exe" C:\Users\marcwoutes\AppData\Local\AirVideoServerHD\Logs\external-encoder.log C:\Users\marcwoutes\AppData\Local\AirVideoServerHD\Cache\ExternalEncoder "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance "C:\Program Files\Windows Media Player\wmpnscfg.exe" C:\Windows\SysWOW64\DllHost.exe /Processid:{304CE942-6E39-40D8-943A-B913C40C9CD4} c:\windows\system32\svchost.exe -k localserviceandnoimpersonation "C:\hp\kbd\kbd.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" "C:\Windows\system32\wuauclt.exe" C:\Windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C} "c:\program files (x86)\internet explorer\iexplore.exe" "c:\program files (x86)\internet explorer\iexplore.exe" SCODEF:4956 CREDAT:203009 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe -Embedding "c:\program files (x86)\internet explorer\iexplore.exe" SCODEF:4956 CREDAT:137480 taskeng.exe {F3E814CA-E2CB-4C69-ADFE-381AC194B689} C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\marcwoutes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJ4IZE6G\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -updatecheck C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1530221515-459145888-4162723692-1000Core.job - C:\Users\marcwoutes\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1530221515-459145888-4162723692-1000UA.job - C:\Users\marcwoutes\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1499FE7-129D-4B6E-B681-DDF21E14172C}] BHOImpl Class - C:\Users\marcwoutes\Documents\iTools\Plugin\iToolsBHO64.dll [2013-01-17 40424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23 392336] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-15 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-15 172968] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1499FE7-129D-4B6E-B681-DDF21E14172C}] BHOImpl Class - C:\Users\marcwoutes\Documents\iTools\Plugin\iToolsBHO.dll [2013-01-17 51176] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"=C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-10-31 59720] "ehTray.exe"=C:\Windows\e [2014-12-21 5681594368] "MobileDocuments"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [2012-02-23 59240] "AirVideoServerHD"=C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2014-09-29 2217736] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-10-31 59720] "AdobeUpdate"=C:\TEMP\explorer.exe [2014-11-09 548864] "DVDFab Passkey"=C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe [2014-08-11 1534496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD1] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Audiogalaxy] C:\Users\marcwoutes\AppData\Local\Audiogalaxy\Audiogalaxy.exe [2011-12-21 2955496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid] C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab Passkey] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Firefox] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [2010-12-15 353736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files (x86)\Nero\Nero BackItUp 4\NBKeyScan.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\Windows\system32\NvCpl.dll [2013-12-19 6671648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\Windows\system32\NvMcTray.dll [2013-12-19 386336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Olympus ib] C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [2012-02-02 96128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrinterProDesktop] C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe [2011-12-06 2148352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VLC Streamer Configuration.exe] C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [2014-11-11 1205064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [1999-11-04 113664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk] C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2010-12-09 2749856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^marcwoutes^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] C:\Users\MARCWO~1\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-12-05 39206856] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536] "OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2007-02-15 119296] "BePCSC"=C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe [2007-05-03 130560] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712] "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\firefox] [] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\nokiamusic faststart] [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Users\marcwoutes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 C:\\Windows\\system32\\nnnoPhFW [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoThumbnailCache"=1 "NoActiveDesktopChanges"=0 "NoSetActiveDesktop"=0 "NoDriveTypeAutoRun"=221 "NofolderOptions"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\BitTorrent\bittorrent.exe"="C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %* .vbs - open - %SystemRoot%\SysWow64\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-12-20 20:52:24 ----D---- C:\rsit 2014-12-20 20:52:24 ----D---- C:\Program Files\trend micro 2014-12-20 20:46:57 ----D---- C:\Users\marcwoutes\AppData\Roaming\dll-files.com 2014-12-20 20:46:48 ----D---- C:\Program Files (x86)\Dll-Files.com Fixer 2014-12-20 20:36:31 ----D---- C:\ProgramData\Logs 2014-12-20 20:36:29 ----A---- C:\Windows\system32\roboot64.exe 2014-12-20 18:58:41 ----D---- C:\Program Files (x86)\Advanced Fix 2014 2014-12-20 13:16:37 ----D---- C:\Users\marcwoutes\AppData\Roaming\PCFixKit 2014-12-20 13:16:33 ----D---- C:\Program Files (x86)\PCFixKit 2014-12-20 13:13:39 ----D---- C:\Program Files (x86)\Advanced Fix 2014-12-20 12:29:38 ----D---- C:\Users\marcwoutes\AppData\Roaming\Elaborate Bytes 2014-12-20 12:28:27 ----D---- C:\ProgramData\Elaborate Bytes 2014-12-19 01:26:13 ----A---- C:\Windows\SYSWOW64\ElbyCDIO.dll 2014-12-19 01:26:13 ----A---- C:\Windows\system32\drivers\ElbyCDIO.sys 2014-12-14 10:55:07 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-12-14 10:55:07 ----A---- C:\Windows\system32\tzres.dll 2014-12-14 10:53:47 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2014-12-14 10:53:47 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-12-14 10:49:06 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-12-14 10:49:06 ----A---- C:\Windows\system32\schannel.dll 2014-12-13 13:22:31 ----D---- C:\Program Files (x86)\Google 2014-12-12 12:48:13 ----D---- C:\Users\marcwoutes\AppData\Roaming\25940 2014-12-10 19:53:14 ----D---- C:\Program Files (x86)\Hobbyist Software 2014-12-10 17:13:04 ----A---- C:\Windows\system32\jscript9.dll 2014-12-10 17:12:40 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-12-10 17:12:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-12-10 17:12:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-12-10 17:12:40 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-12-10 17:12:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-12-10 17:12:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-12-10 17:12:39 ----A---- C:\Windows\SYSWOW64\jscript.dll 2014-12-10 17:12:39 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\wininet.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\vbscript.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\mshtmled.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\jsproxy.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\jscript.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\ieui.dll 2014-12-10 17:12:39 ----A---- C:\Windows\system32\dxtmsft.dll 2014-12-10 17:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-12-10 17:12:36 ----A---- C:\Windows\system32\dxtrans.dll 2014-12-10 17:12:35 ----A---- C:\Windows\system32\mshtml.dll 2014-12-10 17:12:34 ----A---- C:\Windows\SYSWOW64\mshta.exe 2014-12-10 17:12:33 ----A---- C:\Windows\system32\mshta.exe 2014-12-10 17:12:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-12-10 17:12:32 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-12-10 17:12:32 ----A---- C:\Windows\system32\ieUnatt.exe 2014-12-10 17:12:31 ----A---- C:\Windows\SYSWOW64\url.dll 2014-12-10 17:12:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll 2014-12-10 17:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-12-10 17:12:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-12-10 17:12:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-12-10 17:12:31 ----A---- C:\Windows\system32\urlmon.dll 2014-12-10 17:12:31 ----A---- C:\Windows\system32\url.dll 2014-12-10 17:12:31 ----A---- C:\Windows\system32\msfeeds.dll 2014-12-10 17:12:31 ----A---- C:\Windows\system32\iertutil.dll 2014-12-10 17:12:30 ----A---- C:\Windows\system32\ieframe.dll 2014-12-10 17:12:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-12-10 17:12:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-12-10 17:12:28 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe 2014-12-10 17:12:28 ----A---- C:\Windows\system32\msfeedssync.exe 2014-12-09 19:11:21 ----D---- C:\Users\marcwoutes\AppData\Roaming\FreeHideIP 2014-12-09 19:11:21 ----D---- C:\ProgramData\FreeHideIP 2014-12-07 19:32:58 ----D---- C:\ProgramData\Twan Wintjes 2014-12-07 19:29:31 ----D---- C:\Program Files (x86)\AVCHDCoder 2014-12-06 14:02:51 ----D---- C:\ProgramData\Mozilla 2014-12-06 14:02:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-05 19:58:38 ----D---- C:\Users\marcwoutes\AppData\Roaming\0F1L1I1P0H1L1E1E1F 2014-12-05 19:58:38 ----D---- C:\Program Files (x86)\MyPC Backup 2014-12-02 18:50:10 ----D---- C:\Users\marcwoutes\AppData\Roaming\g_dvd_maker 2014-12-02 18:50:10 ----A---- C:\Windows\SYSWOW64\wvc1dmod.dll 2014-12-02 18:50:03 ----D---- C:\Program Files (x86)\GET DVD Maker Ultimate 2014-11-30 10:50:15 ----A---- C:\Windows\system32\win32k.sys 2014-11-30 10:48:39 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL 2014-11-30 10:48:39 ----A---- C:\Windows\system32\IMJP10K.DLL 2014-11-30 10:48:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-11-30 10:48:30 ----A---- C:\Windows\system32\kerberos.dll 2014-11-30 10:47:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2014-11-30 10:47:23 ----A---- C:\Windows\system32\msaudite.dll 2014-11-30 10:47:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2014-11-30 10:47:22 ----A---- C:\Windows\system32\adtschema.dll 2014-11-30 10:47:20 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-11-30 10:47:20 ----A---- C:\Windows\system32\termsrv.dll 2014-11-30 10:47:20 ----A---- C:\Windows\system32\lsasrv.dll 2014-11-30 10:47:12 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2014-11-30 10:47:12 ----A---- C:\Windows\system32\oleaut32.dll 2014-11-30 10:47:07 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2014-11-30 10:47:07 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2014-11-30 10:47:07 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2014-11-30 10:47:07 ----A---- C:\Windows\SYSWOW64\audiodg.exe 2014-11-30 10:47:07 ----A---- C:\Windows\system32\EncDump.dll 2014-11-30 10:47:07 ----A---- C:\Windows\system32\audiosrv.dll 2014-11-30 10:47:07 ----A---- C:\Windows\system32\AUDIOKSE.dll 2014-11-30 10:47:07 ----A---- C:\Windows\system32\AudioEng.dll 2014-11-30 10:36:34 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-11-30 10:36:34 ----A---- C:\Windows\system32\packager.dll 2014-11-30 10:34:28 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-11-30 10:34:28 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-11-30 10:34:28 ----A---- C:\Windows\system32\msxml3r.dll 2014-11-30 10:34:28 ----A---- C:\Windows\system32\msxml3.dll 2014-11-29 22:26:38 ----D---- C:\Program Files (x86)\Nero 2014-11-29 13:55:38 ----A---- C:\Windows\system32\drivers\{5e3e9883-9c0d-443b-ab98-b792663acb63}Gt64.sys 2014-11-29 13:51:21 ----D---- C:\Users\marcwoutes\AppData\Roaming\337Games 2014-11-27 18:25:48 ----D---- C:\ProgramData\Nero ======List of files/folders modified in the last 1 month====== 2014-12-21 12:10:58 ----D---- C:\Windows\Temp 2014-12-21 11:26:04 ----D---- C:\Program Files (x86)\Internet Explorer 2014-12-21 10:34:59 ----SHD---- C:\System Volume Information 2014-12-20 21:20:33 ----D---- C:\Program Files (x86)\Elaborate Bytes 2014-12-20 21:07:01 ----D---- C:\Users\marcwoutes\AppData\Roaming\UseNeXT 2014-12-20 21:02:54 ----D---- C:\Windows\system32\Tasks 2014-12-20 20:52:24 ----RD---- C:\Program Files 2014-12-20 20:50:11 ----D---- C:\Users\marcwoutes\AppData\Roaming\BitTorrent 2014-12-20 20:47:02 ----D---- C:\Windows\Tasks 2014-12-20 20:46:48 ----D---- C:\Program Files (x86) 2014-12-20 20:36:31 ----HD---- C:\ProgramData 2014-12-20 20:36:29 ----D---- C:\Windows\System32 2014-12-20 20:15:44 ----D---- C:\Windows\SysWOW64 2014-12-20 19:41:01 ----D---- C:\Program Files (x86)\UseNeXT 2014-12-20 19:37:59 ----D---- C:\Windows\Logs 2014-12-20 19:33:27 ----D---- C:\Windows\inf 2014-12-20 19:33:27 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-12-20 19:25:46 ----AD---- C:\WINDOWS 2014-12-20 19:19:36 ----D---- C:\Windows\SYSWOW64\Msdtc 2014-12-20 19:19:35 ----D---- C:\Windows\system32\Msdtc 2014-12-20 19:19:34 ----D---- C:\Windows\SMINST 2014-12-20 19:19:34 ----D---- C:\Windows\Panther 2014-12-20 19:19:33 ----D---- C:\Windows\Debug 2014-12-20 19:19:30 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-12-20 19:19:30 ----D---- C:\Program Files (x86)\Blu-ray to DVD Pro 2014-12-20 11:58:44 ----D---- C:\Windows\Prefetch 2014-12-15 19:44:44 ----D---- C:\Users\marcwoutes\AppData\Roaming\vlc 2014-12-14 18:12:15 ----D---- C:\Windows\winsxs 2014-12-14 18:08:48 ----D---- C:\Windows\rescache 2014-12-14 17:49:55 ----D---- C:\Windows\system32\catroot 2014-12-14 17:49:53 ----D---- C:\Windows\system32\catroot2 2014-12-14 15:10:19 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-12-14 15:10:19 ----D---- C:\Windows\system32\nl-NL 2014-12-14 15:10:16 ----D---- C:\Windows\SYSWOW64\migration 2014-12-14 15:10:13 ----D---- C:\Windows\system32\migration 2014-12-14 15:10:08 ----D---- C:\Program Files\Internet Explorer 2014-12-14 14:46:46 ----SHD---- C:\Temp 2014-12-14 11:03:17 ----D---- C:\Windows\system32\MRT 2014-12-14 10:56:54 ----A---- C:\Windows\system32\mrt.exe 2014-12-13 13:27:01 ----SHD---- C:\Windows\Installer 2014-12-12 10:23:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-12-08 19:32:48 ----D---- C:\Program Files (x86)\DVDFab Media Player 2 2014-12-07 18:56:45 ----D---- C:\Windows\system32\drivers 2014-12-07 18:06:47 ----D---- C:\Users\marcwoutes\AppData\Roaming\Ashampoo 2014-12-07 18:06:04 ----D---- C:\Program Files (x86)\Ashampoo 2014-12-06 13:55:53 ----D---- C:\Users\marcwoutes\AppData\Roaming\Dropbox 2014-12-05 19:41:49 ----D---- C:\ProgramData\Skype 2014-12-04 19:30:17 ----D---- C:\Users\marcwoutes\AppData\Roaming\Vso 2014-12-04 17:22:39 ----D---- C:\Program Files (x86)\AirVideoServer HD 2014-12-02 13:38:37 ----D---- C:\ProgramData\vsosdk 2014-11-30 20:00:31 ----D---- C:\Windows\Microsoft.NET 2014-11-30 19:59:52 ----RSD---- C:\Windows\assembly 2014-11-30 14:04:40 ----D---- C:\Program Files (x86)\ProShow MediaSource - Wedding Essentials 2014-11-30 13:41:48 ----A---- C:\Users\marcwoutes\AppData\Roaming\inst.exe 2014-11-30 12:22:27 ----D---- C:\ProgramData\Vso 2014-11-29 13:55:44 ----A---- C:\Windows\win.ini 2014-11-22 20:19:18 ----D---- C:\Users\marcwoutes\AppData\Roaming\Skype ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2008-12-04 407064] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-20 530488] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2013-09-10 493656] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-03-04 1148120] R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2014-10-03 1587416] R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2013-09-26 162392] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-11 487216] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-19 40344] R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-06-21 46792] R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20141219.001\IDSvia64.sys [2014-11-18 637656] R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2014-12-04 249000] R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2014-12-04 99496] R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2014-12-04 65704] R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2014-11-03 60584] R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2009-02-10 115600] R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592] R1 StarPortLite;StarPort Storage Controller (Lite); C:\Windows\system32\DRIVERS\StarPortLite.sys [2008-08-20 117352] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMTDIV.SYS [2014-02-18 510168] R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224] R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616] R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632] R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-07-16 35344] R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2014-04-24 138664] R3 dvdfab;dvdfab; C:\Windows\system32\drivers\dvdfab.sys [2011-08-15 79232] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 142640] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2008-03-19 1379584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-03-26 1417240] R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141220.002\ENG64.SYS [2014-10-27 129752] R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141220.002\EX64.SYS [2014-10-27 2137304] R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2008-02-26 615424] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-12-19 12645664] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-11-24 177752] R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-04-24 42184] R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664] S1 CopyHDDVDHlp;CopyHDDVDHlp Driver; C:\Windows\system32\drivers\copyhddvdhlp.sys [] S1 ssnfd;ssnfd; C:\Windows\system32\drivers\ssnfd.sys [] S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys [] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 695296] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 35328] S3 CoachUsb;Coach Digital Camera on USB; C:\Windows\system32\DRIVERS\CoachUsb.sys [2009-05-07 78472] S3 CoachVid;CoachVid; C:\Windows\system32\DRIVERS\CoachVid.sys [2009-05-07 72968] S3 DbusAudio;DbusAudio; C:\Windows\system32\drivers\DbusAudio.sys [2011-10-05 34040] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144] S3 DrmRAudio;DrmRAudio; C:\Windows\system32\drivers\DrmRAudio.sys [2011-09-01 34040] S3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648] S3 ElbyCDI0;ElbyCDI0 Driver; C:\Windows\system32\drivers\ElbyCDI0.sys [] S3 EMVSCARD;EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [2006-12-13 28544] S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248] S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2014-12-04 45224] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936] S3 MusCAudio;MusCAudio; C:\Windows\system32\drivers\MusCAudio.sys [2009-11-19 33336] S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600] S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-10-20 82816] S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176] S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] S3 SYMDNS;SYMDNS; C:\Windows\system32\drivers\SYMDNS.sys [] S3 SYMFW;Symantec Network Filter Driver; C:\Windows\system32\drivers\SYMFW.sys [] S3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NISx64\1007020.00B\SYMNDISV.SYS [] S3 SYMREDRV;SYMREDRV; C:\Windows\system32\drivers\SYMREDRV.sys [] S3 tbhsd;Tunebite High-Speed Dubbing; C:\Windows\system32\drivers\tbhsd.sys [2011-08-29 46112] S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2010-12-12 291760] S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864] S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528] S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472] S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856] S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-12-02 67384] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200] S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 38400] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960] S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840] R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376] R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-03-14 94208] R2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240] R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840] R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2014-12-04 118048] R2 MSSQL$RADIONOMY536765;SQL Server (RADIONOMY536765); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2002-12-17 7520337] R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-12-19 922912] R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976] R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552] S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] S2 pgsql-8.0;PostgreSQL Database Server; C:\Program Files (x86)\PostgreSQL\8.0\bin\pg_ctl.exe [2014-11-09 66335] S2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-16 867080] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800] S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 27648] S3 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-13 107912] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-13 107912] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840] S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2014-11-09 73728] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800] S3 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-14 786256] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800] S3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S3 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-05-18 327064] S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2002-12-17 311872] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704] S3 UPnPService;UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-10-21 548864] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-05 92632] -----------------EOF-----------------