Z-Analyse V1.0.0.1 Updated 05-December-2013 Tool run by pieter en anja on do 12-12-2013 at 17:47:42,48. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\PIETER~1\AppData\Local\Temp\Rar$EXa0.459\Z-Analyse.exe [Deep Scan] ==== Older Logs ====================== C:\zoek-results2013-12-11-184537.log 3440 bytes ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Program Files\iSafe\iSafeSvc.exe C:\Program Files\iSafe\iSafeSvc2.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe C:\Windows\FixCamera.exe C:\Windows\vsnpstd3.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files\Fighters\Tray\FightersTray.exe C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\ehome\ehtray.exe C:\Users\pieter en anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\FilesFrog Update Checker\update_checker.exe C:\Users\pieter en anja\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe C:\Program Files\iSafe\iSafeTray.exe C:\Windows\system32\taskeng.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\System32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\rundll32.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Windows Mail\WinMail.exe C:\Windows\System32\mobsync.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\conime.exe c:\PROGRA~1\mcafee\siteadvisor\saui.exe C:\Users\PIETER~1\AppData\Local\Temp\Rar$EXa0.459\Z-Analyse.exe C:\Users\PIETER~1\AppData\Local\Temp\NirCmd.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3326 MB CPU Info: AMD Athlon(tm) 7750 Dual-Core Processor CPU Speed: 2347,1 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: ATI Radeon HD 4300/4500 Series | ATI Radeon HD 4300/4500 Series | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (H: | ) H: HL-DT-STDVDRAM GH22NS40 Ports: COM1 | COM2 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 576,2GB | D: 20,0GB Hard Disks - Free: C: 422,0GB | D: 10,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/19/08 | MEDION - 20081219 Time Zone: West-Europa (standaardtijd) Motherboard *: MEDIONPC MS-7501 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Firefox 25.0.1 Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 15.0 (x86 nl) Google Chrome version: 31.0.1650.63 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_45 (32-bit) Flash Player version: 11.9.900.170 Shockwave Player version: 12.0.4r144 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-12-04 20:23:57 03FA242A60CAE3D7AF0A187DE223FD0E 162 ----a-w- C:\Windows\Reimage.ini ====== C:\Users\PIETER~1\AppData\Local\Temp ==== 2013-12-12 16:48:04 7734ED3C53F2682DAD2E2EFF93330A7B 1274368 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\Z-Analyse\Z-Analyse.exe 2013-12-12 16:47:38 7734ED3C53F2682DAD2E2EFF93330A7B 1274368 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\Rar$EXa0.459\Z-Analyse.scr 2013-12-12 16:47:37 7734ED3C53F2682DAD2E2EFF93330A7B 1274368 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\Rar$EXa0.459\Z-Analyse.exe 2013-12-11 18:26:25 919160525DA7A3D5D09E0DD5A6B16454 264008 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes.dll 2013-12-11 18:26:24 EA77325B4FAF6EBC8ACEB42011747DA1 571472 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\MSS\3.8.130.10\McInstallerStartup.dll 2013-12-11 18:26:24 8D15BBCBA2B1A6096C0D15E3D1893B5F 153280 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes_LD.dll 2013-12-11 18:26:24 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe 2013-12-11 18:26:24 206A83BDC11D09FB1B3740236ED5E9EE 418568 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\MSS\3.8.130.10\mcbrwsr2.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2013-12-01 12:44:23 E713832D5E44C2EA5330DF80243584F2 163840 ----a-w- C:\Windows\System32\atitmmxx.dll 2013-12-01 12:44:23 A75B0381504F7CD5A30232C5CFB73FC8 58368 ----a-w- C:\Windows\System32\coinst_8.97.100.3.dll 2013-12-01 12:44:23 1257B250D07704DF9901C42A5015E88A 1960960 ----a-w- C:\Windows\System32\atiumdmv.dll 2013-12-01 12:44:22 41B157E2E0B8BA823A5D17CE832379FF 19586048 ----a-w- C:\Windows\System32\atioglxx.dll 2013-12-01 12:44:22 33E1F464D271E27F0D4C2269A65B86CF 56832 ----a-w- C:\Windows\System32\atimpc32.dll 2013-12-01 12:44:22 33E1F464D271E27F0D4C2269A65B86CF 56832 ----a-w- C:\Windows\System32\amdpcom32.dll 2013-12-01 12:44:22 2EB30EDF1D367216FBC95393B7F4BD6A 20992 ----a-w- C:\Windows\System32\atimuixx.dll 2013-12-01 12:44:21 DE4675194BD52F42F8CD93D63BB5E25E 46080 ----a-w- C:\Windows\System32\aticalrt.dll 2013-12-01 12:44:21 DD3DEC370451F33C1818911D4549FD5D 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2013-12-01 12:44:21 C4232FADFA9691B85DDA0A7B636C5F6D 217088 ----a-w- C:\Windows\System32\atiesrxx.exe 2013-12-01 12:44:21 9C33B7DEC06665E81E1D6EBCBEEA7568 33280 ----a-w- C:\Windows\System32\atigktxx.dll 2013-12-01 12:44:21 54FCE3704351D5701F75FCD747ABFB07 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2013-12-01 12:44:21 1A89003CE7A4333C9630BB717F59C419 453632 ----a-w- C:\Windows\System32\atieclxx.exe 2013-12-01 12:44:20 E005C916FB9BEEAD7ECC3B0C60FE489B 246000 ----a-w- C:\Windows\System32\atiapfxx.blb 2013-12-01 12:44:20 C94324496F829A39FA65104BD48E1E1F 13402112 ----a-w- C:\Windows\System32\aticaldd.dll 2013-12-01 12:44:20 A019A1F7718268E6CD78F607E716BAAA 44544 ----a-w- C:\Windows\System32\aticalcl.dll 2013-12-01 12:44:20 374067E49E00CEC6DB9D39E7837ABADF 43520 ----a-w- C:\Windows\System32\ati2edxx.dll 2013-12-01 12:44:20 31EBECE35B34EE1D016E845568239427 159744 ----a-w- C:\Windows\System32\atiapfxx.exe 2013-12-01 12:44:20 036CAF931B3F2A05E0CB8452039E849C 364544 ----a-w- C:\Windows\System32\atiadlxx.dll ====== C:\Windows\system32\drivers ===== 2013-12-01 12:48:18 FF258424F0B2EF25EB98F04EE386E6E3 37944 ----a-w- C:\Windows\System32\drivers\amdiox86.sys 2013-12-01 12:44:22 112A7F24C6535DBD2E90AEF34ECB57A4 290304 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2013-12-01 12:44:21 10D681E635E81C253FC5DD1A5048B0E9 10070016 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2013-12-01 12:44:20 9F27C439FEADE1B576D3B0280B9657BB 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-08 14:35:38 -------- d-----w- C:\Program Files\trend micro 2013-12-07 09:53:58 -------- d-----w- C:\Program Files\iSafe 2013-12-01 12:50:43 -------- d-----w- C:\Program Files\AMD APP ======= C: ===== ====== C:\Users\pieter en anja\AppData\Roaming ====== 2013-12-07 09:54:27 -------- d-----w- C:\Users\pieter en anja\AppData\Roaming\eCyber 2013-12-07 09:53:58 -------- d-----w- C:\Users\pieter en anja\AppData\Roaming\iSafe 2013-12-01 13:15:00 DF34C25609C51EF5241A2EADDD63F31C 531872 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2013-12-01 12:50:55 -------- d-----w- C:\Users\pieter en anja\AppData\Local\AMD ====== C:\Users\pieter en anja ====== 2013-12-08 14:34:36 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\pieter en anja\Downloads\RSIT.exe 2013-12-07 14:22:49 44294B2E8256A473DC6AE0EF980EBC81 5938856 ----a-w- C:\Users\pieter en anja\Downloads\RegCureProSetup(1).exe 2013-12-07 11:55:05 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\pieter en anja\Downloads\SpyHunter-Installer(2).exe 2013-12-07 11:43:06 44294B2E8256A473DC6AE0EF980EBC81 5938856 ----a-w- C:\Users\pieter en anja\Downloads\RegCureProSetup.exe 2013-12-07 09:53:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC 2013-12-07 09:51:52 A8812955E623BDA5C140AA5596BC313B 903832 ----a-w- C:\Users\pieter en anja\Downloads\yet_another_cleaner(1).exe 2013-12-07 09:44:05 A8812955E623BDA5C140AA5596BC313B 903832 ----a-w- C:\Users\pieter en anja\Downloads\yet_another_cleaner.exe 2013-12-04 20:51:26 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\pieter en anja\Downloads\SpyHunter-Installer(1).exe 2013-12-04 20:26:47 -------- d-----w- C:\ProgramData\CDB 2013-12-04 20:23:37 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Users\pieter en anja\Downloads\ReimageRepair.exe 2013-12-02 20:55:54 965048AE9066128A258F3D8185F18304 21896408 ----a-w- C:\Users\pieter en anja\Downloads\Windows-KB890830-V5.6.exe 2013-12-01 13:02:18 -------- d-----w- C:\ProgramData\ATI 2013-12-01 13:02:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2013-12-01 12:48:43 -------- d-----w- C:\ProgramData\AMD ====== C: exe-files == 2013-12-12 16:48:04 7734ED3C53F2682DAD2E2EFF93330A7B 1274368 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\Z-Analyse\Z-Analyse.exe 2013-12-12 16:47:37 7734ED3C53F2682DAD2E2EFF93330A7B 1274368 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\Rar$EXa0.459\Z-Analyse.exe 2013-12-11 18:26:24 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\pieter en anja\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe 2013-12-08 14:35:38 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\pieter en anja.exe 2013-12-08 14:34:36 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\pieter en anja\Downloads\RSIT.exe 2013-12-07 14:22:49 44294B2E8256A473DC6AE0EF980EBC81 5938856 ----a-w- C:\Users\pieter en anja\Downloads\RegCureProSetup(1).exe 2013-12-07 12:09:50 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla18.exe 2013-12-07 11:55:05 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\pieter en anja\Downloads\SpyHunter-Installer(2).exe 2013-12-07 11:43:06 44294B2E8256A473DC6AE0EF980EBC81 5938856 ----a-w- C:\Users\pieter en anja\Downloads\RegCureProSetup.exe 2013-12-07 09:53:59 F6DF1A5C41436CCD24C19FA06C13F8F5 218280 ----a-w- C:\Program Files\iSafe\iStart.exe 2013-12-07 09:53:59 D5B8E08BB8B7D36E7B9569EF9FD3BC5C 236200 ----a-w- C:\Program Files\iSafe\dup.exe 2013-12-07 09:53:59 C723ABF679F947502805DB751D5B3861 1145000 ----a-w- C:\Program Files\iSafe\iSafe.exe 2013-12-07 09:53:59 B442D52FD49355F9BA15308FC6A482E5 160424 ----a-w- C:\Program Files\iSafe\TrayDownloader.exe 2013-12-07 09:53:59 A2B792C9F721AE906A3367F68C7ECABD 390824 ----a-w- C:\Program Files\iSafe\iSafeSvc.exe 2013-12-07 09:53:59 73E3167BD06ABC468180CA64DB69692D 574120 ----a-w- C:\Program Files\iSafe\iSafeTray.exe 2013-12-07 09:53:59 6785F57F2FD3319C9A88DE5D0EE3EC8B 767144 ----a-w- C:\Program Files\iSafe\iSafeSvc2.exe 2013-12-07 09:53:59 2F0FBDFDB67D30152BCA9E636C13955A 671400 ----a-w- C:\Program Files\iSafe\uninstall.exe 2013-12-07 09:53:59 078F4FA3675F0966CF96B45DDCD4ED9C 256680 ----a-w- C:\Program Files\iSafe\bugreport.exe 2013-12-07 09:51:52 A8812955E623BDA5C140AA5596BC313B 903832 ----a-w- C:\Users\pieter en anja\Downloads\yet_another_cleaner(1).exe 2013-12-07 09:44:05 A8812955E623BDA5C140AA5596BC313B 903832 ----a-w- C:\Users\pieter en anja\Downloads\yet_another_cleaner.exe 2013-12-06 06:09:03 0C04A51D2892F0501FED4D0EAA43FA36 1751392 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_31.0.1650.57_chrome_updater.exe === C: other files == 2013-12-07 09:53:59 DBD8CDD695077B2D8FFA8CB9102C0311 179840 ----a-w- C:\Program Files\iSafe\iSafeKrnl.sys 2013-12-07 09:53:59 7E188E1BB129C2B495AD57FB6BFAAB7C 54784 ----a-w- C:\Program Files\iSafe\iSafeNetFilter.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1536129336-130342614-3972474088-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "Spotify Web Helper"="C:\Users\pieter en anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "SDP"="C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto " "FLV Player"="C:\Users\pieter en anja\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify"="C:\Users\pieter en anja\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f" "panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f" "panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn /f" "panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn /f" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f" "panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f" "panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn /f" "panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn /f" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup" "Google EULA Launcher"="C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE" "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "FixCamera"="C:\Windows\FixCamera.exe" "snpstd3"="C:\Windows\vsnpstd3.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon" "DATAMNGR"="C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "CommonToolkitTray"="C:\Program Files\Fighters\Tray\FightersTray.exe" "KPN Assistent"="C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "Spotify Web Helper"="C:\Users\pieter en anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "SDP"="C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto " "FLV Player"="C:\Users\pieter en anja\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify"="C:\Users\pieter en anja\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\docume~1\\ settings\\all users\\application data\\bitguard\\2.7.1769.27\\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} c:\\docume~1\\ c:\\progra~1\\google\\google~1\\goec62~1.dll" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SSBkgdUpdate"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot" "ArcSoft Connection Service"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" ==== Startup Folders ====================== 2009-08-22 16:02:22 1823 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO HD Edition.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 19:12] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [01-02-2010 13:42] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [01-02-2010 13:42] C:\Windows\tasks\SLOW-PCfighter-pieter en anja-Notification.job --a------ C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe [02-03-2012 17:06] C:\Windows\tasks\SLOW-PCfighter-pieter en anja-Startup.job --a------ C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [02-03-2012 17:07] C:\Windows\tasks\User_Feed_Synchronization-{6CC2ED6B-1AD9-4076-AE4B-5C2927BC4B55}.job --ah----- C:\Windows\system32\msfeedssync.exe [28-08-2013 17:41] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\ArcSoft Connect Daemon" [C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe] "C:\Windows\system32\tasks\BitGuard" [C:\Windows\system32\sc.exe start BitGuard] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\ScanSoft Background Update" [C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe] "C:\Windows\system32\tasks\SLOW-PCfighter-pieter en anja-Notification" [C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe] "C:\Windows\system32\tasks\SLOW-PCfighter-pieter en anja-Startup" [C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{6CC2ED6B-1AD9-4076-AE4B-5C2927BC4B55}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:20] ==== Firefox Extensions ====================== ProfilePath: C:\Users\pieter en anja\AppData\Roaming\Mozilla\Firefox\Profiles\iy4wii2d.default - McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor - Youtube MP3 Podcaster - %ProfilePath%\extensions\youtubemp3podcaster@jeremy.d.gregorio.com - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - AppsHat - %ProfilePath%\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} - Searchqu Toolbar - %ProfilePath%\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} - Youtube Mp3 Downloader - %ProfilePath%\extensions\youtubemp3@email.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Undetermined - %AppDir%\extensions\{129b29a3-f554-444b-aa12-8ead59836cc8} - Undetermined - %AppDir%\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\pieter en anja\AppData\Roaming\Mozilla\Firefox\Profiles\iy4wii2d.default F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update C2321043FA2CA4C32FF449DE6116B5D9 - C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll - Shockwave for Director / Shockwave for Director 6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45 F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18 D27E5A0797194C13A2F879A5B499B9FB - C:\Program Files\McAfee\SiteAdvisor\NPMcFFPlg32.dll - McAfee SiteAdvisor 9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director 7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4 9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4 5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4 3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4 A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4 AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox CE252B04FB9F4F773A7DB5338BFEEA5B - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility 84715535F8C1296B855BA02BD2C0B237 - C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 625D0A824F513CE1CABB8861E97F2142 - C:\Program Files\Google\Picasa3\npPicasa2.dll - Picasa AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== YouTube - pieter en anja - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - pieter en anja - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - pieter en anja - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - pieter en anja - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" "Search Bar"="http://search.bearshare.com/sidebar.html?src=ssb" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search/?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDB" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7MEDB_nl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=pZX1H3u9P8N3JFUAsNPPRj281iY?q={searchTerms}" {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} Web Search Url="http://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}" ==== HijackThis Entries ====================== R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\pieter en anja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto O4 - HKCU\..\Run: [FLV Player] C:\Users\pieter en anja\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\pieter en anja\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f (User 'Default user') O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\docume~1\ settings\all users\application data\bitguard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} c:\docume~1\ c:\progra~1\google\google~1\goec62~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe O23 - Service: BitGuard - Unknown owner - C:\Documents and Settings\All Users\Application Data\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: iSafeService - Elex do Brasil Participações Ltda - C:\Program Files\iSafe\iSafeSvc.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe ==== After Reboot ====================== ==== EOF on do 12-12-2013 at 18:05:46,07 ======================