Logfile of random's system information tool 1.10 (written by random/random)
Run by Daan at 2015-03-31 21:15:36
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 34 GB (24%) free of 138 GB
Total RAM: 12285 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:44, on 31-3-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
D:\Gebruikers\Daan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AirPort\APAgent.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_native_messaging_host.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Daan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: 1Password - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~2\1PASSW~1\x86\AGILE1~1.DLL
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Agile1pAgent] C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_35765335B3B5C680009F09F21956C5FA] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Crack and Setup.lnk = C:\ProgramData\{bcd513af-e561-83d6-bcd5-513afe564ebf}\Crack and Setup.exe
O4 - Startup: Dropbox.lnk = Daan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~2\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra 'Tools' menuitem: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~2\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mediafour M4LIC service (M4LIC) - Mediafour Corporation - C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE
O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
O23 - Service: Mailbird Updater (MailbirdUpdater.exe) - Mailbird - C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe
O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\MySQL\bin\mysqld (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PostgreSQL_For_OpenERP - PostgreSQL Server 9.2 (PostgreSQL_For_OpenERP) - PostgreSQL Global Development Group - C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18732 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe" /service
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
/QuitInfo:0000000000000488;000000000000048C; /AddRef;
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
/QuitInfo:00000000000004E0;00000000000004E4; /AddRef;
/QuitInfo:00000000000004C0;00000000000004EC;
"C:\Windows\system32\Dwm.exe"
/loadhooks /Parent:0000000000000A68
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"D:\Gebruikers\Daan\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\AirPort\APAgent.exe"
"C:\Program Files (x86)\MagicDisc\MagicDisc.exe"
"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
"C:\Program Files (x86)\1Password 4\Agile1pAgent.exe"
"C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe" -autoupdate -startplugins
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe"
"C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE"
"C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe"
"C:\Program Files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe" -sMAMUT
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sPAPEXPRESS
"C:\MySQL\bin\mysqld" --defaults-file="C:\MySQL\my.ini" MySQL
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe"
"C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "https://www.spartoo.nl/compte.php?return_id=90E50A2B031736EE&track_id=email_125&email_crm=15297C835A564F08B1FC59D8591ECEF7AD718040FAE5A56A"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d9faf73d-40c1-45b4-8d5e-2e59d242599c -SystemEventPortName:HostProcess-449bf47b-d65d-4d36-90aa-87069758bb3b -IoCancelEventPortName:HostProcess-553ebec7-cedd-461a-bf04-094a4eaa4722 -NonStateChangingEventPortName:HostProcess-63750b04-00fc-4e06-935f-19534b3e23b1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:619330be-bf72-4c3c-9773-94e666213040 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6252.0.1082445487\1282795618" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x949e --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.2.1706349838\775418481" /prefetch:673131151
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.16.521027879\1547634985" /prefetch:673131151 C:\Windows\splwow64.exe 12288 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.75.541735626\214394926" /prefetch:673131151 "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.109.1454030451\1838221719" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 
reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.111.770449734\1570213792" /prefetch:673131151 C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_native_messaging_host.exe" --parent-window=197902 chrome-extension://gbchcmhmhahfdphkhkmpfmihenigjmpp/ < \\.\pipe\chrome.nativeMessaging.in.2d6e4080a28ee63e > \\.\pipe\chrome.nativeMessaging.out.2d6e4080a28ee63e \??\C:\Windows\system32\conhost.exe "-13794888138654502201186676506-1263685498483372925-1093329323-403785719-1378890022 "C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_native_messaging_host.exe" --parent-window=197902 chrome-extension://gbchcmhmhahfdphkhkmpfmihenigjmpp/ 
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" "C:\Program Files (x86)\TeamViewer\TeamViewer.exe" "C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log "C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer 
--num-raster-threads=2 --channel="6252.147.1992215810\7166574" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.152.1163690695\1157125733" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl 
--force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_23/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6252.153.645152105\951892577" /prefetch:673131151 "D:\Gebruikers\Daan\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2474986109-20418994-3047346730-1004Core.job - D:\Gebruikers\Daan\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2474986109-20418994-3047346730-1004UA.job - D:\Gebruikers\Daan\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SW-Booster-S-2124589612.job - c:\programdata\showappit\sw-booster\SW-Booster.exe /schedule /profile "c:\programdata\showappit\sw-booster\2124589612.ini"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~2\1PASSW~1\x64\AGILE1~1.DLL [2015-03-23 2361104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-03-13 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~2\1PASSW~1\x86\AGILE1~1.DLL [2015-03-23 2198800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-03-13 394800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12 163720]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-03-13 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12 141192]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-03-13 394800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MacDrive 8 application"=C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe [2010-02-04 345688]
"Getting started with MacDrive 8"=C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe [2009-03-31 151040]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [2015-03-17 1691112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]
"AdobeBridge"= []
"GoogleChromeAutoLaunch_35765335B3B5C680009F09F21956C5FA"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-03-14 809288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-03-13 1039248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2013-12-22 477064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-02-13 60712]
"AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360]
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2012-05-23 371896]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-05-26 1159168]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
"Agile1pAgent"=C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [2015-03-23 3783952]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2014-09-12 3499920]

D:\Gebruikers\Daan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Crack and Setup.lnk - C:\ProgramData\{bcd513af-e561-83d6-bcd5-513afe564ebf}\Crack and Setup.exe
Dropbox.lnk - D:\Gebruikers\Daan\AppData\Roaming\Dropbox\bin\Dropbox.exe
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-03-31 21:15:36 ----D---- C:\rsit
2015-03-31 21:15:36 ----D---- C:\Program Files\trend micro
2015-03-24 20:31:01 ----A---- C:\Windows\system32\invagent.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\generaltel.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\devinv.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\appraiser.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\aepic.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\aepdu.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\aeinv.dll
2015-03-24 20:31:01 ----A---- C:\Windows\system32\acmigration.dll
2015-03-20 01:39:38 ----D---- C:\Windows\Simple Port Tester
2015-03-20 01:39:38 ----D---- C:\Program Files (x86)\Simple Port Tester
2015-03-20 01:39:25 ----A---- C:\Windows\Simple Port Tester Setup Log.txt
2015-03-13 22:41:45 ----A---- C:\Windows\system32\drivers\avchv.sys
2015-03-13 22:41:44 ----A---- C:\Windows\system32\drivers\avckf.sys
2015-03-13 22:38:04 ----A---- C:\Windows\system32\drivers\bdvedisk.sys
2015-03-13 22:38:04 ----A---- C:\Windows\system32\drivers\bdsandbox.sys
2015-03-13 22:38:04 ----A---- C:\Windows\system32\drivers\BdfNdisf6.sys
2015-03-13 22:38:01 ----A---- C:\Windows\system32\drivers\avc3.sys
2015-03-13 22:37:59 ----D---- D:\Gebruikers\Daan\AppData\Roaming\Bitdefender
2015-03-13 22:35:59 ----D---- C:\ProgramData\Bitdefender
2015-03-13 22:35:59 ----A---- C:\Windows\system32\drivers\gzflt.sys
2015-03-13 22:35:58 ----A---- C:\Windows\system32\drivers\trufos.sys
2015-03-11 10:33:05 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 10:33:05 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 10:33:05 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 10:33:05 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 10:33:05 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 10:33:05 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 10:33:05 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 10:33:05 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 10:33:05 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 10:33:05 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 10:33:00 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 10:33:00 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 10:33:00 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 10:33:00 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 10:32:59 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 10:32:57 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:32:56 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 10:32:56 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 10:32:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 10:32:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:32:55 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:32:54 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 10:32:54 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 10:32:54 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 10:32:53 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 10:32:53 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 10:32:53 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 10:32:53 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 10:32:53 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 10:32:53 ----A---- C:\Windows\system32\evr.dll
2015-03-11 10:32:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 10:32:53 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 10:32:52 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 10:32:52 ----A---- C:\Windows\system32\winload.exe
2015-03-11 10:32:52 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 10:32:52 ----A---- C:\Windows\system32\mf.dll
2015-03-11 10:32:52 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 10:32:51 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\smss.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 10:32:51 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\ci.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 10:32:51 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:32:51 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 10:32:50 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 10:32:50 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 10:32:50 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 10:32:50 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 10:32:50 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 10:32:50 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 10:32:50 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 10:32:50 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 10:32:50 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 10:32:50 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 10:32:50 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 10:32:33 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 10:32:33 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 10:32:33 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 10:32:25 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 10:32:25 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 10:32:25 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 10:32:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\secur32.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\schannel.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\credssp.dll 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2015-03-11 10:32:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\wdigest.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\TSpkg.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\sspisrv.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\sspicli.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\secur32.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\schannel.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\ncrypt.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\msv1_0.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\msobjs.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\msaudite.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\lsass.exe 2015-03-11 10:32:21 ----A---- C:\Windows\system32\lsasrv.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\kerberos.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2015-03-11 10:32:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2015-03-11 10:32:21 ----A---- C:\Windows\system32\drivers\cng.sys 2015-03-11 10:32:21 ----A---- C:\Windows\system32\credssp.dll 2015-03-11 10:32:21 ----A---- C:\Windows\system32\auditpol.exe 2015-03-11 10:32:21 ----A---- C:\Windows\system32\adtschema.dll 2015-03-11 10:32:18 ----A---- C:\Windows\SYSWOW64\msctf.dll 2015-03-11 10:32:18 ----A---- C:\Windows\system32\msctf.dll 
2015-03-11 10:32:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2015-03-11 10:32:17 ----A---- C:\Windows\system32\WindowsCodecs.dll 2015-03-11 10:32:16 ----A---- C:\Windows\system32\win32k.sys 2015-03-11 10:32:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-03-11 10:32:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2015-03-11 10:32:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2015-03-11 10:32:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2015-03-11 10:32:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2015-03-11 10:32:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2015-03-11 10:32:15 ----A---- C:\Windows\system32\iernonce.dll 2015-03-11 10:32:15 ----A---- C:\Windows\system32\ieetwproxystub.dll 2015-03-11 10:32:15 ----A---- C:\Windows\system32\ieetwcollector.exe 2015-03-11 10:32:15 ----A---- C:\Windows\system32\ie4uinit.exe 2015-03-11 10:32:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-03-11 10:32:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-03-11 10:32:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2015-03-11 10:32:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2015-03-11 10:32:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 10:32:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2015-03-11 10:32:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-03-11 10:32:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2015-03-11 10:32:13 ----A---- C:\Windows\system32\urlmon.dll 2015-03-11 10:32:13 ----A---- C:\Windows\system32\iedkcs32.dll 2015-03-11 10:32:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2015-03-11 10:32:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-03-11 10:32:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2015-03-11 10:32:12 ----A---- C:\Windows\SYSWOW64\ieui.dll 2015-03-11 10:32:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-03-11 10:32:12 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2015-03-11 10:32:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 10:32:12 ----A---- 
C:\Windows\system32\msfeeds.dll 2015-03-11 10:32:12 ----A---- C:\Windows\system32\iesetup.dll 2015-03-11 10:32:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 10:32:12 ----A---- C:\Windows\system32\ieapfltr.dll 2015-03-11 10:32:12 ----A---- C:\Windows\system32\dxtrans.dll 2015-03-11 10:32:11 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2015-03-11 10:32:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-03-11 10:32:11 ----A---- C:\Windows\system32\iertutil.dll 2015-03-11 10:32:10 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-03-11 10:32:10 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-03-11 10:32:10 ----A---- C:\Windows\SYSWOW64\msrating.dll 2015-03-11 10:32:10 ----A---- C:\Windows\system32\jsproxy.dll 2015-03-11 10:32:10 ----A---- C:\Windows\system32\ieUnatt.exe 2015-03-11 10:32:10 ----A---- C:\Windows\system32\ieui.dll 2015-03-11 10:32:10 ----A---- C:\Windows\system32\ieframe.dll 2015-03-11 10:32:10 ----A---- C:\Windows\system32\dxtmsft.dll 2015-03-11 10:32:09 ----A---- C:\Windows\system32\wininet.dll 2015-03-11 10:32:09 ----A---- C:\Windows\system32\vbscript.dll 2015-03-11 10:32:09 ----A---- C:\Windows\system32\mshtmlmedia.dll 2015-03-11 10:32:09 ----A---- C:\Windows\system32\mshtmled.dll 2015-03-11 10:32:09 ----A---- C:\Windows\system32\jscript9diag.dll 2015-03-11 10:32:09 ----A---- C:\Windows\system32\jscript9.dll 2015-03-11 10:32:08 ----A---- C:\Windows\system32\msrating.dll 2015-03-11 10:32:08 ----A---- C:\Windows\system32\MshtmlDac.dll 2015-03-11 10:32:08 ----A---- C:\Windows\system32\mshtml.dll 2015-03-11 10:32:01 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll 2015-03-11 10:32:01 ----A---- C:\Windows\system32\WMPhoto.dll 2015-03-03 21:43:34 ----A---- C:\Windows\SYSWOW64\wdi.dll 2015-03-03 21:43:34 ----A---- C:\Windows\system32\wdi.dll 2015-03-03 21:43:34 ----A---- C:\Windows\system32\powertracker.dll 2015-03-03 21:43:34 ----A---- C:\Windows\system32\perftrack.dll ======List of files/folders modified in the last 1 month====== 2015-03-31 
21:15:44 ----D---- C:\Windows\Prefetch 2015-03-31 21:15:36 ----RD---- C:\Program Files 2015-03-31 21:15:21 ----D---- C:\Windows\Temp 2015-03-31 20:52:32 ----D---- C:\Windows\system32\Tasks 2015-03-31 20:52:32 ----D---- C:\Program Files (x86)\TeamViewer 2015-03-31 20:50:40 ----D---- C:\Windows\system32\drivers\etc 2015-03-31 20:31:58 ----D---- D:\Gebruikers\Daan\AppData\Roaming\AgileBits 2015-03-31 15:37:02 ----D---- C:\Windows\system32\config 2015-03-31 15:26:27 ----D---- C:\Windows\System32 2015-03-31 15:26:27 ----D---- C:\Windows\inf 2015-03-31 15:26:27 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-03-31 15:22:29 ----D---- D:\Gebruikers\Daan\AppData\Roaming\Dropbox 2015-03-30 23:28:53 ----A---- C:\bdlog.txt 2015-03-30 14:37:53 ----D---- C:\Program Files\Common Files\Autodesk Shared 2015-03-30 14:37:53 ----D---- C:\Program Files (x86)\Poedit 2015-03-27 20:11:38 ----SHD---- C:\Windows\Installer 2015-03-27 20:11:38 ----SHD---- C:\Config.Msi 2015-03-27 20:11:37 ----D---- C:\Program Files (x86)\Google 2015-03-27 19:57:37 ----D---- C:\Program Files (x86)\1Password 4 2015-03-25 02:32:26 ----D---- C:\Windows\winsxs 2015-03-25 02:31:34 ----SD---- C:\Windows\system32\CompatTel 2015-03-25 02:31:34 ----D---- C:\Windows\system32\wbem 2015-03-25 02:31:34 ----D---- C:\Windows\system32\appraiser 2015-03-25 02:31:34 ----D---- C:\Windows\AppPatch 2015-03-25 00:18:57 ----SHD---- C:\System Volume Information 2015-03-20 01:39:38 ----RD---- C:\Program Files (x86) 2015-03-20 01:39:38 ----D---- C:\Windows 2015-03-19 21:19:37 ----D---- D:\Gebruikers\Daan\AppData\Roaming\TeamViewer 2015-03-18 18:32:55 ----RSD---- C:\Windows\Fonts 2015-03-17 21:11:00 ----D---- D:\Gebruikers\Daan\AppData\Roaming\uTorrent 2015-03-17 20:11:26 ----D---- C:\Windows\system32\drivers 2015-03-15 14:00:29 ----D---- D:\Gebruikers\Daan\AppData\Roaming\Skype 2015-03-15 09:00:31 ----RD---- C:\Program Files (x86)\Skype 2015-03-15 09:00:26 ----D---- C:\ProgramData\Skype 2015-03-14 15:34:56 ----D---- 
C:\Windows\system32\DriverStore 2015-03-13 22:51:42 ----HD---- C:\ProgramData 2015-03-13 22:41:42 ----A---- C:\Windows\system32\bdsandboxuh.dll 2015-03-13 22:41:22 ----A---- C:\Windows\system32\bdsandboxuiskin32.dll 2015-03-13 22:41:21 ----A---- C:\Windows\system32\bdsandboxuiskin.dll 2015-03-13 22:37:51 ----D---- C:\Program Files\Bitdefender 2015-03-13 22:35:59 ----D---- C:\Program Files\Common Files\Bitdefender 2015-03-12 11:36:35 ----D---- C:\Windows\rescache 2015-03-12 10:12:12 ----SHD---- C:\Boot 2015-03-12 10:08:52 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-03-12 10:08:52 ----D---- C:\Windows\SYSWOW64\en-US 2015-03-12 10:08:52 ----D---- C:\Windows\SYSWOW64\Dism 2015-03-12 10:08:52 ----D---- C:\Program Files\Windows Media Player 2015-03-12 10:08:52 ----D---- C:\Program Files (x86)\Windows Media Player 2015-03-12 10:08:51 ----D---- C:\Windows\system32\nl-NL 2015-03-12 10:08:51 ----D---- C:\Windows\system32\en-US 2015-03-12 10:08:51 ----D---- C:\Windows\system32\Dism 2015-03-12 10:08:49 ----D---- C:\Windows\system32\CodeIntegrity 2015-03-12 10:08:49 ----D---- C:\Windows\system32\Boot 2015-03-12 10:08:44 ----D---- C:\Program Files\Internet Explorer 2015-03-12 10:08:42 ----D---- C:\Program Files (x86)\Internet Explorer 2015-03-12 00:41:48 ----D---- C:\Windows\system32\MRT 2015-03-12 00:34:20 ----A---- C:\Windows\system32\MRT.exe 2015-03-11 10:31:36 ----D---- C:\Windows\system32\catroot2 2015-03-05 15:34:43 ----D---- D:\Gebruikers\Daan\AppData\Roaming\vlc 2015-03-04 14:08:55 ----D---- D:\Gebruikers\Daan\AppData\Roaming\dvdcss 2015-03-04 09:10:07 ----D---- C:\Windows\tracing ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2015-03-13 1306464] R0 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2015-03-17 160544] R0 MDFSYSNT;MacDrive file system driver; C:\Windows\system32\drivers\MDFSYSNT.sys [2010-02-04 304232] R0 MDPMGRNT;MacDrive Partition Driver; 
C:\Windows\system32\DRIVERS\MDPMGRNT.SYS [2009-09-23 32352] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 trufos;trufos; C:\Windows\system32\DRIVERS\trufos.sys [2014-10-15 452040] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2015-03-13 93600] R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2012-10-29 107080] R1 BDVEDISK;BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [2012-04-17 76944] R1 CBDisk;CBDisk; \??\C:\Windows\system32\drivers\CBDisk.sys [2010-01-13 70344] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys [2012-05-17 93272] R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232] R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504] R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2015-03-13 262544] R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech HD Webcam C310(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-04-01 4184672] R3 mcdbus;Driver for MagicISO SCSI Host Controller; 
C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552] R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392] R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856] R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2010-11-02 13312] R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2010-10-25 12848] R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2010-10-25 16168] R3 WFMC_VAD;WFMCVAD (WDM); C:\Windows\system32\DRIVERS\wfmcvad.sys [2010-02-08 24064] S3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2015-03-13 677104] S3 bdfwfpf_pc;bdfwfpf_pc; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-07-02 121928] S3 BDSandBox;BDSandBox; \??\C:\Windows\system32\drivers\bdsandbox.sys [2015-03-13 82824] S3 BrSerIb;Brother Serial Interface Driver(WDM); C:\Windows\system32\DRIVERS\BrSerIb.sys [2012-12-03 95344] S3 BrUsbSIb;Brother Serial USB Driver(WDM); C:\Windows\system32\DRIVERS\BrUsbSIb.sys [2012-12-03 21872] S3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys [] S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 USBAAPL64;Apple Mobile 
USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2013-12-22 576904] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264] R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-20 77128] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-13 128512] R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208] R2 M4LIC;Mediafour M4LIC service; C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2009-07-29 205312] R2 MacDrive8Service;MacDrive 8 service; C:\Program 
Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-01-07 218112] R2 MamutSyncService;Mamut Synchronization Service; C:\Program Files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe [2013-11-14 11776] R2 MSSQL$MAMUT;SQL Server (MAMUT); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448] R2 MSSQL$PAPEXPRESS;SQL Server (PAPEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712] R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL [] R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272] R2 TabletServiceWacom;TabletServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-15 5716848] R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640] R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [2014-10-27 67320] R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736] R2 VSSERV;Bitdefender Virus Shield; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [2015-03-17 1547936] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880] R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912] S2 PostgreSQL_For_OpenERP;PostgreSQL_For_OpenERP - PostgreSQL Server 9.2; C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/bin/pg_ctl.exe runservice -N PostgreSQL_For_OpenERP -D C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/data -w [] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S3 BdDesktopParental;Bitdefender Desktop Parental Control; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [2014-12-09 78144] S3 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe [2015-03-08 56648] S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-12 1357104] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688] S3 MailbirdUpdater.exe;Mailbird Updater; C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe [2014-03-07 326496] S3 
MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-30 114288] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 150648] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-30 1255736] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 SafeBox;SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2013-07-08 94624] S4 SQLAgent$MAMUT;SQL Server Agent (MAMUT); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 
367456] S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920] -----------------EOF-----------------