Logfile of random's system information tool 1.10 (written by random/random) Run by Dirk Wuyten at 2014-07-19 19:24:36 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 452 GB (51%) free of 881 GB Total RAM: 8098 MB (53% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:24:52, on 19/07/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17207) Boot mode: Normal Running processes: C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\OSD.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Dirk Wuyten\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Dirk Wuyten.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://be.msn.com/default.aspx?lang=nl-be&ocid=OIE9HP R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{BD8AA823-9479-43A4-B500-8B7F6D59BC48}: NameServer = 0.0.0.0 O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe -- End of file - 17239 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=a283a414-bd9f-466b-afda-830ea17ac37c /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\efc48945-0e14-435b-b0cc-bd348cff753f-1c8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS "C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe" "C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" "C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe" C:\Windows\system32\WLANExt.exe 24396928 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" \??\C:\Windows\system32\conhost.exe "-640544613-6502468722023536640765776409925652389-477122562-1482770903-618672270 "C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe" "C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe" "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" C:\Windows\system32\svchost.exe -k bthsvcs "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" "C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe" "C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe" "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" "C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe" -runService:MsDepSvc "c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS "C:\Program Files (x86)\Polar\Daemon\polard.exe" C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=d8d57365-7bd0-4f5f-ac18-1d2cdcd13429 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\c6b5d203-4b48-4304-8264-dd0b3b4c915d-ba4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" "c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe" "C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" WLIDSvcM.exe 4092 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Launch Manager\OSD.exe" "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe" "C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" "C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe" "C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe" -Embedding C:\Windows\system32\svchost.exe -k WindowsMobile "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" "C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8776.0.260645659\881645331" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.1.628704075\1625783402" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.2.1393353055\916489611" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.3.1807348271\1193055336" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.4.8341521\622187547" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.5.1277066404\1905443452" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.6.635379628\1576619717" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.7.385795918\1029302257" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --instant-process --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.8.1815883061\1769204105" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.9.1966996872\1121619554" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8776.11.1537152487\264339871" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=nl --channel="8776.12.997749056\1299199394" /prefetch:-390060480 "C:\Users\Dirk Wuyten\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.13.840546603\697180284" /prefetch:673131151 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe33_ Global\UsGthrCtrlFltPipeMssGthrPipe33 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\Dirk Wuyten\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k WerSvcGroup ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001Core.job - C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001UA.job - C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-05-13 590408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-27 49440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-05-13 475208] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-25 461216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-25 170912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-09-16 1935120] "IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-09-16 1935120] "BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-03 2294568] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-26 12681320] "RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-03 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-03 392472] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-03 416024] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648] "OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064] "GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2014-05-15 122200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [2013-02-11 6869080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2014-01-21 4411952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memory Cleaner] C:\Users\Dirk Wuyten\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [2013-02-03 791560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2014-06-16 4566664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-07-04 296520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-04-15 136488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-04-15 228448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Polar WebSync.lnk] C:\PROGRA~2\Polar\WebSync\WebSync.exe [2013-02-26 6227512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk] C:\PROGRA~2\Real\REALPL~1\RPDS\Bin64\RPSYST~1.EXE [2014-07-04 1022048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] C:\Users\DIRKWU~1\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-05-20 33322312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk] C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440] "LMgrVolOSD"=C:\Program Files (x86)\Launch Manager\OSD.exe [2011-08-06 348960] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-04 107816] "RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2011-03-30 87336] "Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-02-03 506712] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640] "GDFirewallTray"=C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2014-05-20 1756792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-10-10 441856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-07-19 19:24:36 ----D---- C:\rsit 2014-07-09 08:55:05 ----A---- C:\Windows\system32\drivers\afd.sys 2014-07-09 08:54:55 ----A---- C:\Windows\system32\aepdu.dll 2014-07-09 08:54:55 ----A---- C:\Windows\system32\aeinv.dll 2014-07-09 08:54:27 ----A---- C:\Windows\SYSWOW64\osk.exe 2014-07-09 08:54:27 ----A---- C:\Windows\system32\win32k.sys 2014-07-09 08:54:27 ----A---- C:\Windows\system32\osk.exe 2014-07-09 08:54:25 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-07-09 08:54:25 ----A---- C:\Windows\system32\qedit.dll 2014-07-09 08:54:22 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-07-09 08:54:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-07-09 08:54:22 ----A---- C:\Windows\system32\schannel.dll 2014-07-09 08:54:22 ----A---- C:\Windows\system32\kerberos.dll 2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-07-09 08:54:21 ----A---- C:\Windows\system32\wdigest.dll 2014-07-09 08:54:21 ----A---- C:\Windows\system32\TSpkg.dll 2014-07-09 08:54:21 ----A---- C:\Windows\system32\ncrypt.dll 2014-07-09 08:54:21 ----A---- C:\Windows\system32\msv1_0.dll 2014-07-09 08:54:21 ----A---- C:\Windows\system32\credssp.dll 2014-07-09 08:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-07-09 08:54:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-07-09 08:54:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-07-09 08:54:03 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-07-09 08:54:03 ----A---- C:\Windows\system32\iernonce.dll 2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-07-09 08:54:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 08:54:02 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-07-09 08:54:02 ----A---- C:\Windows\system32\iedkcs32.dll 2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-07-09 08:54:01 ----A---- C:\Windows\system32\urlmon.dll 2014-07-09 08:54:01 ----A---- C:\Windows\system32\msfeeds.dll 2014-07-09 08:54:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 08:54:01 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-07-09 08:54:01 ----A---- C:\Windows\system32\dxtmsft.dll 2014-07-09 08:54:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-07-09 08:54:00 ----A---- C:\Windows\system32\iesetup.dll 2014-07-09 08:54:00 ----A---- C:\Windows\system32\ie4uinit.exe 2014-07-09 08:53:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-07-09 08:53:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-07-09 08:53:59 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-07-09 08:53:59 ----A---- C:\Windows\system32\iertutil.dll 2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-07-09 08:53:58 ----A---- C:\Windows\system32\jsproxy.dll 2014-07-09 08:53:57 ----A---- C:\Windows\system32\ieui.dll 2014-07-09 08:53:57 ----A---- C:\Windows\system32\ieframe.dll 2014-07-09 08:53:57 ----A---- C:\Windows\system32\dxtrans.dll 2014-07-09 08:53:56 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-07-09 08:53:56 ----A---- C:\Windows\system32\mshtmled.dll 2014-07-09 08:53:56 ----A---- C:\Windows\system32\jscript9diag.dll 2014-07-09 08:53:56 ----A---- C:\Windows\system32\jscript9.dll 2014-07-09 08:53:56 ----A---- C:\Windows\system32\ieUnatt.exe 2014-07-09 08:53:55 ----A---- C:\Windows\system32\wininet.dll 2014-07-09 08:53:55 ----A---- C:\Windows\system32\vbscript.dll 2014-07-09 08:53:55 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-07-09 08:53:55 ----A---- C:\Windows\system32\ieapfltr.dll 2014-07-09 08:53:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 08:53:54 ----A---- C:\Windows\system32\msrating.dll 2014-07-09 08:53:54 ----A---- C:\Windows\system32\mshtml.dll 2014-07-09 08:53:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-07-09 08:53:49 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-07-09 08:53:49 ----A---- C:\Windows\system32\lsasrv.dll 2014-07-08 12:17:32 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Plex Home Theater 2014-07-08 12:06:14 ----D---- C:\Program Files (x86)\Plex Home Theater 2014-07-07 13:22:28 ----A---- C:\Windows\system32\drivers\GDKBFlt64.sys 2014-07-05 14:09:27 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Apple Computer 2014-07-05 14:09:26 ----D---- C:\ProgramData\boost_interprocess 2014-07-05 14:08:02 ----D---- C:\Program Files (x86)\Plex 2014-07-04 14:24:00 ----D---- C:\ProgramData\RealNetworks 2014-07-04 14:24:00 ----D---- C:\Program Files (x86)\RealNetworks 2014-07-04 14:23:25 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll 2014-07-04 14:23:04 ----A---- C:\Windows\SYSWOW64\pncrt.dll 2014-07-04 14:22:58 ----A---- C:\Windows\SYSWOW64\msvcr71.dll 2014-07-04 14:22:58 ----A---- C:\Windows\SYSWOW64\msvcp71.dll ======List of files/folders modified in the last 1 month====== 2014-07-19 19:24:52 ----D---- C:\Windows\Prefetch 2014-07-19 19:24:47 ----D---- C:\Windows\Temp 2014-07-19 19:24:46 ----D---- C:\Program Files\trend micro 2014-07-19 18:49:16 ----D---- C:\Dirk 2014-07-19 18:11:03 ----SHD---- C:\System Volume Information 2014-07-19 17:18:16 ----D---- C:\Windows\inf 2014-07-19 17:18:15 ----D---- C:\Windows\Logs 2014-07-19 17:18:15 ----D---- C:\Windows\debug 2014-07-19 17:18:15 ----D---- C:\Windows 2014-07-19 16:41:21 ----D---- C:\Windows\system32\config 2014-07-19 15:29:49 ----D---- C:\ProgramData\MFAData 2014-07-19 14:36:57 ----D---- C:\Windows\system32\Tasks 2014-07-19 14:36:38 ----RD---- C:\Users 2014-07-19 14:36:36 ----A---- C:\Windows\SYSWOW64\log.txt 2014-07-19 14:30:19 ----D---- C:\ProgramData\NVIDIA 2014-07-18 14:06:12 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\vlc 2014-07-17 19:13:06 ----HD---- C:\Windows\system32\WLANProfiles 2014-07-13 22:09:04 ----D---- C:\Windows\pss 2014-07-13 12:39:39 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox 2014-07-13 12:39:04 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\DropboxMaster 2014-07-11 17:17:49 ----D---- C:\Windows\System32 2014-07-11 17:17:49 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-07-10 18:07:28 ----D---- C:\Windows\rescache 2014-07-10 14:03:44 ----D---- C:\Windows\winsxs 2014-07-10 13:56:20 ----D---- C:\Program Files\Windows Journal 2014-07-10 13:56:19 ----SD---- C:\Windows\system32\CompatTel 2014-07-10 13:56:18 ----D---- C:\Windows\SYSWOW64\Dism 2014-07-10 13:56:17 ----D---- C:\Windows\system32\Dism 2014-07-10 13:56:14 ----D---- C:\Windows\SysWOW64 2014-07-10 13:56:14 ----D---- C:\Windows\ehome 2014-07-10 13:56:13 ----D---- C:\Windows\system32\drivers 2014-07-10 13:56:11 ----D---- C:\Windows\system32\nl-NL 2014-07-10 13:56:10 ----D---- C:\Program Files\Internet Explorer 2014-07-10 13:56:09 ----D---- C:\Windows\SYSWOW64\en-US 2014-07-10 13:56:06 ----D---- C:\Windows\system32\en-US 2014-07-10 13:56:03 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-09 19:10:36 ----SHD---- C:\Windows\Installer 2014-07-09 19:10:28 ----D---- C:\ProgramData\Microsoft Help 2014-07-09 19:08:46 ----D---- C:\Windows\system32\MRT 2014-07-09 19:06:01 ----A---- C:\Windows\system32\MRT.exe 2014-07-09 08:54:09 ----D---- C:\Windows\system32\catroot 2014-07-09 08:53:39 ----D---- C:\Windows\system32\catroot2 2014-07-08 12:11:04 ----D---- C:\ProgramData\Package Cache 2014-07-08 12:06:14 ----RD---- C:\Program Files (x86) 2014-07-07 13:24:14 ----D---- C:\Windows\SYSWOW64\drivers 2014-07-07 13:19:06 ----D---- C:\ProgramData\G Data 2014-07-05 14:09:26 ----HD---- C:\ProgramData 2014-07-05 13:45:03 ----D---- C:\Windows\Tasks 2014-07-04 14:24:54 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\RealNetworks 2014-07-04 14:24:53 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Real 2014-07-04 14:24:17 ----D---- C:\Program Files (x86)\Real 2014-07-04 14:23:33 ----D---- C:\Program Files (x86)\Common Files 2014-07-04 14:23:31 ----D---- C:\ProgramData\Real 2014-06-25 22:36:15 ----D---- C:\Windows\system32\wfp 2014-06-25 22:36:10 ----D---- C:\Windows\system32\wbem 2014-06-25 22:34:27 ----D---- C:\Windows\system32\DriverStore 2014-06-25 22:34:16 ----D---- C:\Windows\system32\NDF 2014-06-25 22:34:16 ----D---- C:\Windows\system32\CodeIntegrity 2014-06-25 22:34:14 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\qBittorrent 2014-06-25 22:34:06 ----D---- C:\Windows\registration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-10-23 45880] R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2014-07-07 55808] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-05-20 557848] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-10-17 28992] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-04-15 240952] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816] R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2014-07-07 142336] R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys [2014-07-07 64000] R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2013-12-21 106272] R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2014-07-07 61440] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2012-08-26 138400] R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712] R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-15 31088] R3 GDKBFlt;G Data GDKBFlt Driver; \??\C:\Windows\system32\drivers\GDKBFlt64.sys [2014-07-07 20992] R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2014-07-07 64000] R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-30 3069032] R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440] R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\drivers\iwdbus.sys [2011-09-09 25496] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-12-28 56344] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-09-18 8604672] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-03-15 311400] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2010-09-03 1392688] R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-09-08 136000] R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-09-08 409408] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-09-15 299008] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2011-03-08 46592] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800] S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-09-09 34200] S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-10-27 158464] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 SMA_USBBUS;SMA USB Serial Converter; C:\Windows\system32\drivers\ftdibus.sys [2012-01-14 69320] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S4 RsFx0151;RsFx0151 Driver; C:\Windows\system32\DRIVERS\RsFx0151.sys [2011-06-17 313696] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-15 1166848] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-05-27 2250360] R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2013-12-19 914552] R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2014-05-20 2683760] R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808] R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928] R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-14 70952] R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-14 312616] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-09-16 1518352] R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-09-07 8704] R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-05-15 443224] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-28 325656] R2 MsDepSvc;Web Deployment Agent Service; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-06-17 62111072] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-17 1640768] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-17 2253120] R2 Polar Daemon;Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [2012-08-17 413184] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-05-13 39568] R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-07-04 1141848] R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-05-23 23552] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-09-16 844560] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-12-14 244904] R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-17 381248] R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-28 2656280] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296] R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2014-05-20 3203392] R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2014-05-20 700536] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-09-07 100864] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-09 1255736] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-06-17 431456] S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616] -----------------EOF-----------------