Logfile of random's system information tool 1.10 (written by random/random) Run by c-jay at 2014-08-12 22:32:02 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 201 GB (72%) free of 278 GB Total RAM: 3894 MB (50% free) HijackThis download failed ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=7239d34c-f151-4b69-8d94-bc3fd2f7ff74 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\0c218e34-bd2c-420e-acfe-8c426cdbf37e-1c0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" C:\Windows\SysWow64\winrdlv3.exe winwdgv3.dll,RunMonitor32 "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" C:\Windows\SysWow64\winrdlv3.exe winoav3.dll,RunAgent32 "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\AVG\AVG2013\avgemca.exe" C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe "C:\Program Files (x86)\SurveilStar\OMailRpt.exe" -service "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "-407466354-1006082599-773522440-830490577-584982233-1885039114-2308705331178294092 "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 2652 "taskhost.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding C:\Windows\SysWOW64\winrdlv3.exe winoauv3.dll,RunAgentU32 C:\Windows\system32\winrdlv3.exe winoauv364.dll,RunAgentU64 C:\Windows\system32\winrdlv3.exe winoauv364.dll,RunAgentU64 "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" taskeng.exe {FFDE5A5D-14FA-4910-A239-43CA9ABE6983} "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun "C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe" "C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe" "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe" "C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "C:\Users\c-jay\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Windows\winlogin.exe" "C:\Program Files (x86)\SurveilStar\OControl3.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe" "C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" C:\Windows\splwow64.exe 8192 "C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE" "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4784.0.1487463942\1435705672" /prefetch:673131151 "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4784.1.757316289\1356650781" /prefetch:673131151 "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4784.2.359070031\1024029094" /prefetch:673131151 "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4784.3.2094361991\1848293895" /prefetch:673131151 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\diMaster.dll" /prefetch:1 "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4784.4.172664746\1700958903" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2430 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe" C:\Windows\servicing\TrustedInstaller.exe taskeng.exe {6ED03DC2-582C-4A0A-AEE9-838B6C48C9D8} C:\Windows\system32\sppsvc.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-edb9e484-aa13-4d59-80a6-fe5c89a11881 -SystemEventPortName:HostProcess-19f01b54-fd29-48b5-9a8e-12eb81099c83 -IoCancelEventPortName:HostProcess-2770717e-0294-4035-a339-724de749baf4 -NonStateChangingEventPortName:HostProcess-2a426f5b-f7b3-41e8-b527-95f5d70d58c1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:87951b8f-9aa8-49b4-ad57-ebaf5b32e4b3 -DeviceGroupId:WpdFsGroup C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Users\c-jay\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AmiUpdXp.job - C:\Users\c-jay\AppData\Local\SwvUpdater\Updater.exe C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{E657D2B2-4B8B-433B-903B-FB5D1A6CF92E}.exe --uninstall=1 C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000Core.job - C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000UA.job - C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000Core.job - C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000UA.job - C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HPCeeScheduleForc-jay.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForc-jay (null) C:\Windows\tasks\Re-markit Update.job - C:\Program Files (x86)\Re-markit\ReMarkit_up.exe /update C:\Windows\tasks\Re-markit_wd.job - C:\Program Files (x86)\Re-markit\Re-markit_wd.exe ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}] Toolbar BHO - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll [2013-08-30 712264] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b2798ef-c931-4a3b-b51a-baaa1bfe6593}] Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta374\ie\VideoPlayerV3beta374.dll [2014-01-07 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{320b278d-d966-4908-840c-4d91b5632b67}] Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1646\ie\MediaViewV1alpha1646.dll [2014-02-26 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e4143a5-b4f4-42dd-b32d-822553c432a1}] Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9357\ie\MediaViewV1alpha9357.dll [2014-02-27 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}] flash-Enhancer - C:\Program Files (x86)\AmiExt\flashEnhancer\ie\AmiBho.dll [2013-12-10 177664] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5aa230b3-88e7-4d81-b4bf-83f1a6babbd7}] Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha111\ie\MediaPlayerV1alpha111.dll [2014-01-28 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll [2011-08-11 492984] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL [2011-07-25 210872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}] Search Assistant BHO - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll [2013-08-30 62864] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ed106f8-b076-481d-8e7a-4b81e11592d1}] Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7625\ie\MediaBuzzV1mode7625.dll [2014-04-24 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll [2014-06-24 3584024] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b811c8bc-5799-4377-a71f-dd0067c9b883}] Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home5213\ie\MediaWatchV1home5213.dll [2014-03-21 87040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll [2011-08-11 492984] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll [2014-06-24 3584024] {364ea597-e728-4ce4-bb4a-ed846ef47970} - MapsGalaxy - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll [2013-08-30 712264] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-09-15 7466600] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-08-19 2821416] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-07-02 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-07-02 392472] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-07-02 416024] "SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-09-30 43320] "fssui"=C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [2014-03-31 892608] "MapsGalaxy Home Page Guard 64 bit"=C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe [2013-08-30 548936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-08-05 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"=C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096] "SkyDrive"=C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-08-07 251040] "Spotify Web Helper"=C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-07-09 1178168] "NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544] "Google Update"=C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-02 116648] "Spotify"=C:\Users\c-jay\AppData\Roaming\Spotify\spotify.exe [2014-07-09 6162488] "winlogin"=C:\Windows\winlogin.exe [2014-01-21 305152] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440] "HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-09-29 169528] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-09-15 61112] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2014-01-21 4411952] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-06-24 2571288] "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944] "beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup [] "MapsGalaxy Search Scope Monitor"=C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe [2013-08-30 44784] "MapsGalaxy_39 Browser Plugin Loader"=C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe [2013-08-30 30096] "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208] ""= [] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [] "winlogin"=C:\windows\winlogin.exe [2014-01-21 305152] C:\Users\c-jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup SurveilStar V3 Service Controller.lnk - C:\Program Files (x86)\SurveilStar\OControl3.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-06-27 389632] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-10-15 52920] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\.Winhlpsvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ipnpf.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\.Winhlpsvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnpf.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-08-12 22:32:02 ----D---- C:\rsit 2014-08-12 22:32:02 ----D---- C:\Program Files\trend micro 2014-08-12 14:54:05 ----D---- C:\Program Files (x86)\Trend Micro 2014-08-10 04:20:33 ----SHD---- C:\found.001 2014-08-02 11:08:57 ----A---- C:\Windows\system32\wups2.dll 2014-08-02 11:08:57 ----A---- C:\Windows\system32\wucltux.dll 2014-08-02 11:08:57 ----A---- C:\Windows\system32\wuaueng.dll 2014-08-02 11:08:57 ----A---- C:\Windows\system32\wuauclt.exe 2014-08-02 11:08:24 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2014-08-02 11:08:24 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2014-08-02 11:08:24 ----A---- C:\Windows\system32\wuwebv.dll 2014-08-02 11:08:24 ----A---- C:\Windows\system32\wuapp.exe 2014-07-15 18:16:22 ----D---- C:\Windows\SYSWOW64\siscardplugins ======List of files/folders modified in the last 1 month====== 2014-08-12 22:32:02 ----RD---- C:\Program Files 2014-08-12 22:28:00 ----D---- C:\Windows\Temp 2014-08-12 22:27:49 ----D---- C:\Users\c-jay\AppData\Roaming\Spotify 2014-08-12 22:00:41 ----D---- C:\ProgramData\MFAData 2014-08-12 21:55:05 ----D---- C:\Windows\system32\config 2014-08-12 14:55:47 ----D---- C:\Windows\System32 2014-08-12 14:55:47 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-08-12 14:55:43 ----D---- C:\Windows\inf 2014-08-12 14:54:06 ----SHD---- C:\Windows\Installer 2014-08-12 14:54:05 ----SD---- C:\Users\c-jay\AppData\Roaming\Microsoft 2014-08-12 14:54:05 ----RD---- C:\Program Files (x86) 2014-08-12 14:53:51 ----SHD---- C:\System Volume Information 2014-08-12 14:35:39 ----D---- C:\Users\c-jay\AppData\Roaming\newnext.me 2014-08-12 14:35:23 ----A---- C:\Windows\win.ini 2014-08-12 14:34:40 ----A---- C:\Windows\SYSWOW64\log.txt 2014-08-12 14:13:18 ----HD---- C:\HP 2014-08-12 13:42:34 ----D---- C:\Windows\system32\wbem 2014-08-12 13:42:34 ----D---- C:\Windows 2014-08-12 13:41:26 ----D---- C:\Program Files (x86)\SurveilStar 2014-08-12 13:41:25 ----SHD---- C:\Windows\SYSWOW64\Ocular 2014-08-12 13:41:25 ----D---- C:\Windows\Tasks 2014-08-12 13:41:25 ----D---- C:\Windows\SysWOW64 2014-08-12 13:41:25 ----D---- C:\Windows\system32\DriverStore 2014-08-12 13:41:25 ----D---- C:\Windows\system32\drivers 2014-08-12 13:41:25 ----D---- C:\Windows\system32\catroot2 2014-08-12 13:41:25 ----D---- C:\Windows\registration 2014-08-12 13:23:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-08-12 13:23:31 ----D---- C:\Program Files\Microsoft Silverlight 2014-08-12 13:23:20 ----D---- C:\Windows\system32\wfp 2014-08-12 13:23:20 ----D---- C:\Windows\system32\Tasks 2014-08-12 13:23:20 ----D---- C:\Windows\system32\nl-NL 2014-08-12 13:23:20 ----D---- C:\Windows\system32\CodeIntegrity 2014-08-12 13:23:20 ----D---- C:\Windows\rescache 2014-08-12 13:23:19 ----D---- C:\Windows\winsxs 2014-08-10 12:10:43 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-08-09 22:41:16 ----D---- C:\Windows\Prefetch 2014-08-02 11:09:06 ----D---- C:\Windows\system32\catroot 2014-07-24 11:44:37 ----HD---- C:\ProgramData 2014-07-15 18:16:21 ----D---- C:\Program Files (x86)\Belgium Identity Card 2014-07-15 18:15:58 ----D---- C:\drivers ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-10-23 45880] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-04-15 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-06-24 50464] R1 IPNPF;WinPcap Packet Driver (IPNPF); C:\Windows\system32\drivers\IPNPF.sys [2013-07-01 42152] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840] R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088] R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-27 12231584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-17 3073256] R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2013-05-26 878184] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-08-19 391728] R3 TFsfltdrv;TFsfltdrv; \??\C:\Windows\system32\drivers\tfsfltdrv.sys [2013-07-01 68776] R3 TpacketvMP;TpacketvMP; C:\Windows\system32\DRIVERS\tpacketv.sys [2013-07-01 84680] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2013-07-17 44672] S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232] S3 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120711.002_a59\BHDrvx64.sys [2012-07-11 1161376] S3 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [2011-08-08 167048] S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2012-06-03 484512] S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-06-09 138912] S3 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120720.001\IDSvia64.sys [2012-06-18 509088] S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120720.024\ENG64.SYS [2012-07-21 120440] S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120720.024\EX64.SYS [2012-07-21 2068600] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056] S3 SQTECH900C;EasyCamera(PID_900C_00); C:\Windows\System32\Drivers\Capt900C.sys [2010-02-25 139072] S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [2011-08-02 729720] S3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [2011-08-02 37496] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [2011-07-25 451192] S3 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [2011-07-28 1084536] S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2012-03-09 174200] S3 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [2011-07-25 189560] S3 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [2011-07-25 401016] S3 Tpacketv;Tpacketv Service; C:\Windows\system32\DRIVERS\tpacketv.sys [2013-07-01 84680] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 TVDisk;TVDisk; C:\Windows\System32\drivers\TVDisk.sys [2013-07-01 359080] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624] R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-23 268824] R2 MapsGalaxy_39Service;MapsGalaxyService; C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe [2013-08-30 42504] R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2011-08-10 138760] R2 OMAILREPORT;OCULAR V3 MAILREPORT; C:\Program Files (x86)\SurveilStar\OMailRpt.exe [2013-05-23 1630304] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-23 2320920] R2 vToolbarUpdater18.1.7;vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [2014-06-24 1813528] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 .Winhlpsvr;Windows Helper Service; C:\Program Files (x86)\Common Files\System\winrdgv3.exe [2013-07-01 681024] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 136176] S2 OSERVER3;SurveilStar SERVER; C:\Program Files (x86)\SurveilStar\OServer3.exe [2013-07-18 4645000] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-31 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-09 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------