Logfile of random's system information tool 1.09 (written by random/random)
Run by maryke at 2013-11-04 14:52:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 153 GB (51%) free of 300 GB
Total RAM: 4095 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:52:57, on 4-11-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Sitecom\Common\RaUI.exe
C:\Program Files (x86)\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\maryke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10068&did=10703&barid=8508129373711480166948421966123931240
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: qualitink - {73ad5d47-66e5-4127-80ca-c0eedabafbcc} - C:\Program Files (x86)\qualitink\qualitinkbho.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1323948606-1254354113-2269261338-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1323948606-1254354113-2269261338-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\RaUI.exe
O4 - Global Startup: SpyderUtility.lnk = C:\Program Files (x86)\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
O23 - Service: RalinkRegistryWriter64 - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Unknown owner - C:\Program Files (x86)\Sitecom\Common\RaMediaServer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update qualitink - qualitink - C:\Program Files (x86)\qualitink\updatequalitink.exe
O23 - Service: Util qualitink - qualitink - C:\Program Files (x86)\qualitink\bin\utilqualitink.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11327 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
C:\Windows\system32\WLANExt.exe 39702704
\??\C:\Windows\system32\conhost.exe "20375882671956333748-1299945418217938429180000971-16938462991288057931-146252197
"C:\Program Files (x86)\Sitecom\Common\RaUI.exe" -s
"C:\Program Files (x86)\Datacolor\Spyder4Express\Utility\SpyderUtility.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006d8
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\qualitink\updatequalitink.exe"
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\qualitink\bin\utilqualitink.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.pc-helpforum.be/register.php?a=act&u=45973&i=35bb201802592ed1e3e3e4a74dfff7eb09feafc7
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6552 CREDAT:267521 /prefetch:2
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding
C:\Windows\system32\AUDIODG.EXE 0xa54
C:\Windows\system32\sppsvc.exe
"C:\Users\maryke\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1323948606-1254354113-2269261338-1000UA.job
C:\Windows\tasks\RMAutoUpdate.job
C:\Windows\tasks\RMSchedule.job
C:\Windows\tasks\Torntv 2-codedownloader.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2010-09-23 6042176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73ad5d47-66e5-4127-80ca-c0eedabafbcc}]
qualitink - C:\Program Files (x86)\qualitink\qualitinkbho.dll [2013-10-05 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30 1309456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2010-09-23 6042176]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30 1309456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2010-09-23 160328]
"Google Update"=C:\Users\maryke\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-08-21 105120]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-09-10 347192]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11 958576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Sitecom Wireless Utility.lnk - C:\Program Files (x86)\Sitecom\Common\RaUI.exe
SpyderUtility.lnk - C:\Program Files (x86)\Datacolor\Spyder4Express\Utility\SpyderUtility.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-04 14:52:44 ----D---- C:\rsit
2013-11-04 14:52:44 ----D---- C:\Program Files\trend micro
2013-11-01 06:28:34 ----D---- C:\ProgramData\Ralink
2013-11-01 06:25:05 ----D---- C:\ProgramData\Sitecom Driver
2013-11-01 06:25:05 ----A---- C:\Windows\SYSWOW64\RaCoInst.dat
2013-11-01 06:25:05 ----A---- C:\Windows\system32\RaCoInstx.dll
2013-11-01 06:25:05 ----A---- C:\Windows\system32\RaCoInst.dat
2013-11-01 06:25:05 ----A---- C:\Windows\system32\drivers\netr28ux.sys
2013-11-01 06:24:49 ----D---- C:\Program Files (x86)\Cisco
2013-11-01 06:24:42 ----D---- C:\Windows\system32\RaLanguages
2013-11-01 06:24:42 ----A---- C:\Windows\SYSWOW64\RAIHV.dll
2013-11-01 06:24:42 ----A---- C:\Windows\SYSWOW64\RAEXTUI.dll
2013-11-01 06:24:42 ----A---- C:\Windows\SYSWOW64\DiagFunc.ini
2013-11-01 06:24:42 ----A---- C:\Windows\system32\RAIHV.dll
2013-11-01 06:24:42 ----A---- C:\Windows\system32\RAEXTUI.dll
2013-11-01 06:24:42 ----A---- C:\Windows\system32\RaCertMgr.dll
2013-11-01 06:24:42 ----A---- C:\Windows\system32\DiagFunc.ini
2013-11-01 06:24:41 ----D---- C:\Program Files (x86)\Sitecom
2013-11-01 06:24:41 ----A---- C:\Windows\SYSWOW64\RaCertMgr.dll
2013-11-01 06:24:41 ----A---- C:\Windows\SYSWOW64\DiagFunc.dll
2013-11-01 06:24:41 ----A---- C:\Windows\system32\DiagFunc.dll
2013-11-01 06:23:54 ----D---- C:\Users\maryke\AppData\Roaming\InstallShield
2013-10-29 22:34:41 ----D---- C:\Users\maryke\AppData\Roaming\Nico Mak Computing
2013-10-29 22:34:38 ----D---- C:\ProgramData\Nico Mak Computing
2013-10-29 22:34:37 ----D---- C:\Program Files (x86)\WinZip Malware Protector
2013-10-29 22:34:37 ----A---- C:\Windows\system32\wsusnative64.exe
2013-10-22 20:57:56 ----D---- C:\Users\maryke\AppData\Roaming\Ulead Systems
2013-10-22 20:56:52 ----D---- C:\Program Files\Common Files\Protexis
2013-10-22 20:56:19 ----D---- C:\Program Files\Corel
2013-10-22 20:54:46 ----D---- C:\Program Files (x86)\Corel
2013-10-22 20:49:46 ----D---- C:\Program Files (x86)\SweetIM
2013-10-22 20:48:56 ----D---- C:\Program Files (x86)\qualitink
2013-10-22 20:48:49 ----D---- C:\Program Files (x86)\Torntv 2
2013-10-22 20:48:32 ----D---- C:\Program Files (x86)\TornTV.com
2013-10-10 22:57:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-10 22:57:22 ----A---- C:\Windows\system32\ieui.dll
2013-10-10 22:57:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-10 22:57:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-10 22:57:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-10 22:57:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-10 22:57:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-10 22:57:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 22:57:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-10 22:57:21 ----A---- C:\Windows\system32\iesetup.dll
2013-10-10 22:57:21 ----A---- C:\Windows\system32\iernonce.dll
2013-10-10 22:57:21 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-10 22:57:20 ----A---- C:\Windows\system32\iertutil.dll
2013-10-10 22:57:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-10 22:57:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-10 22:57:19 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-10 22:57:19 ----A---- C:\Windows\system32\jscript.dll
2013-10-10 22:57:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-10 22:57:18 ----A---- C:\Windows\system32\jscript9.dll
2013-10-10 22:57:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-10 22:57:17 ----A---- C:\Windows\system32\urlmon.dll
2013-10-10 22:57:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-10 22:57:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-10 22:57:16 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-10 22:57:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 22:57:15 ----A---- C:\Windows\system32\wininet.dll
2013-10-10 22:57:14 ----A---- C:\Windows\system32\ieframe.dll
2013-10-10 22:57:13 ----A---- C:\Windows\system32\mshtml.dll
2013-10-10 22:57:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-10 06:57:19 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 06:57:19 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 06:57:17 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 06:57:17 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 06:57:17 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 06:57:17 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 06:57:17 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 06:57:17 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 06:57:17 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 06:57:17 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 06:57:17 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 06:57:17 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 06:57:16 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 06:57:16 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 06:57:15 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-10 06:57:15 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 06:57:15 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 06:57:13 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-10 06:57:13 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-10 06:57:13 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 06:57:13 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 06:57:13 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 06:57:11 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-10 06:57:11 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 06:57:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 06:57:11 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 06:57:10 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 06:57:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 06:57:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 06:57:05 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 06:57:04 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 06:57:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 06:57:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 06:57:04 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 06:57:04 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 06:57:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 06:57:03 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 06:57:03 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 06:57:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 06:57:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 06:57:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 06:57:03 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 06:57:00 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:57:00 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:56:59 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 06:56:58 ----A---- C:\Windows\system32\scavengeui.dll

======List of files/folders modified in the last 1 month======

2013-11-04 14:52:57 ----D---- C:\Windows\Prefetch
2013-11-04 14:52:55 ----D---- C:\Windows\Temp
2013-11-04 14:52:44 ----RD---- C:\Program Files
2013-11-04 11:59:46 ----D---- C:\Windows\SysWOW64
2013-11-04 05:51:30 ----D---- C:\Windows\System32
2013-11-04 05:51:30 ----D---- C:\Windows\inf
2013-11-04 05:51:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-04 05:46:06 ----AD---- C:\ProgramData\TEMP
2013-11-04 02:46:54 ----D---- C:\Windows\system32\config
2013-11-03 19:28:48 ----SHD---- C:\System Volume Information
2013-11-03 05:56:00 ----D---- C:\Windows\system32\catroot2
2013-11-01 23:28:26 ----D---- C:\ProgramData\CanonIJPLM
2013-11-01 06:28:34 ----HD---- C:\ProgramData
2013-11-01 06:27:40 ----D---- C:\Windows\system32\drivers
2013-11-01 06:25:19 ----D---- C:\Windows\system32\catroot
2013-11-01 06:25:18 ----D---- C:\Windows\system32\DriverStore
2013-11-01 06:25:05 ----SHD---- C:\Windows\Installer
2013-11-01 06:25:05 ----SHD---- C:\Config.Msi
2013-11-01 06:24:49 ----RD---- C:\Program Files (x86)
2013-11-01 06:24:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-31 13:36:31 ----D---- C:\Windows\system32\LogFiles
2013-10-30 01:02:46 ----D---- C:\Program Files (x86)\hosts
2013-10-29 22:34:52 ----D---- C:\Windows\system32\Tasks
2013-10-29 16:17:52 ----SHD---- C:\$Recycle.Bin
2013-10-29 15:44:58 ----D---- C:\Windows
2013-10-27 09:45:09 ----SD---- C:\Users\maryke\AppData\Roaming\Microsoft
2013-10-27 08:01:01 ----D---- C:\Windows\Minidump
2013-10-22 20:57:42 ----D---- C:\Windows\Tasks
2013-10-22 20:57:42 ----D---- C:\Program Files (x86)\Google
2013-10-22 20:56:52 ----D---- C:\Program Files\Common Files
2013-10-22 20:55:56 ----D---- C:\ProgramData\Corel
2013-10-22 20:55:56 ----D---- C:\Program Files (x86)\Common Files
2013-10-22 20:55:26 ----D---- C:\Windows\winsxs
2013-10-18 10:12:56 ----D---- C:\Windows\system32\FxsTmp
2013-10-14 07:51:12 ----D---- C:\Windows\system32\NDF
2013-10-11 18:00:52 ----D---- C:\Windows\debug
2013-10-11 08:27:21 ----D---- C:\Windows\rescache
2013-10-11 07:43:22 ----RSD---- C:\Windows\assembly
2013-10-11 07:43:22 ----D---- C:\Windows\Microsoft.NET
2013-10-11 06:13:02 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-11 06:12:59 ----D---- C:\Program Files\Internet Explorer
2013-10-11 06:12:52 ----D---- C:\Windows\AppPatch
2013-10-10 22:59:15 ----D---- C:\ProgramData\Microsoft Help
2013-10-10 22:53:22 ----D---- C:\Windows\system32\MRT
2013-10-10 22:51:57 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 22:47:18 ----D---- C:\Windows\system32\nl-NL
2013-10-08 21:02:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-09-10 132088]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-07-13 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-09-10 105344]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2012-08-17 1733216]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-19 239616]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n64.sys [2010-03-23 2061856]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 Spyder4;Datacolor Spyder4; C:\Windows\system32\DRIVERS\dccmtr.sys [2011-06-02 15360]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AntiVirSchedulerService;Avira Planner; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-09-10 84024]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-09-10 108088]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-08-21 794272]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 RalinkRegistryWriter;RalinkRegistryWriter; C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe [2012-01-12 372736]
R2 RalinkRegistryWriter64;RalinkRegistryWriter64; C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe [2012-01-12 447488]
R2 Update qualitink;Update qualitink; C:\Program Files (x86)\qualitink\updatequalitink.exe [2013-10-05 65312]
R2 Util qualitink;Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [2013-10-24 65312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RaMediaServer;Ralink UPnP Media Server; C:\Program Files (x86)\Sitecom\Common\RaMediaServer.exe [2011-08-18 625728]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------