Logfile of random's system information tool 1.10 (written by random/random) Run by dv7 2250 at 2016-01-29 20:15:47 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 320 GB (69%) free of 463 GB Total RAM: 4063 MB (43% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:15:54, on 29-1-2016 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Conceptronic Multimedia\CTVDIGUSB2 Device Utilities\RTLRCtl.exe C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Users\dv7 2250\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe C:\Program Files (x86)\fst_nl_39\fst_nl_39.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\dv7 2250.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file) O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file) O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui O4 - HKLM\..\Run: [Philips Device Listener] "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" O4 - HKLM\..\Run: [fst_nl_39] "C:\Program Files (x86)\fst_nl_39\fst_nl_39.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" O4 - HKCU\..\Run: [SoMud] "C:\Program Files (x86)\SoMud\somud.exe" /bg O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Users\dv7 2250\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\dv7 2250\AppData\Local\Akamai\netsession_win.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: CD-MENU.LNK = E:\AutoMenu.exe O4 - Startup: DesktopWeatherAlerts.lnk = dv7 2250\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O4 - Startup: Weather Alerts.lnk = dv7 2250\AppData\Local\WeatherAlerts\WeatherAlerts.exe O4 - Global Startup: Desktop Manager.lnk = C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\Conceptronic Multimedia\CTVDIGUSB2 Device Utilities\RTLRCtl.exe O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\dv7 2250\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\dv7 2250\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O20 - AppInit_DLLs: c:\progra~3\fastan~1\fastan~1.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Search Protect Service (CltMngSvc) - Unknown owner - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe (file missing) O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NewPlayer Updater Service (NewPlayerUpdaterService) - Unknown owner - C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19833 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 3730576 \??\C:\Windows\system32\conhost.exe "-2105817604151267230-1063253128-144921122619719307963407553019020990461688179090 "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe" C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\SysWOW64\PnkBstrB.exe "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 3036 C:\Windows\system32\SearchIndexer.exe /Embedding "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background "C:\Program Files\Java\jre6\bin\jusched.exe" "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun "C:\Program Files (x86)\Conceptronic Multimedia\CTVDIGUSB2 Device Utilities\RTLRCtl.exe" "C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe" "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" /background ArcCon.ac 65964 0 "C:\Users\dv7 2250\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\dv7 2250\AppData\Local\WeatherAlerts\WeatherAlerts.exe" /restart "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Users\dv7 2250\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler64.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" taskeng.exe {FE49B6AA-29BE-448D-A06F-53AB37D1C2AD} "C:\Program Files\iPod\bin\iPodService.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding "C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "27262HP Wireless AssistantWLAN: AanC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.icoC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeSHOWSTATUS" "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" "C:\Program Files (x86)\fst_nl_39\fst_nl_39.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=108 --on-initialized-event-handle=552 --parent-handle=556 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4684.0.353431759\762848585" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.0.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.2.882844488\553702102" --font-cache-shared-handle=2564 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.3.792177696\740252193" --font-cache-shared-handle=2608 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.4.1465166317\1111510809" --font-cache-shared-handle=2428 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.5.992565549\927248860" --font-cache-shared-handle=2720 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.6.873369305\1315856674" --font-cache-shared-handle=2028 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.7.1540718353\164627513" --font-cache-shared-handle=3036 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4684.9.851216523\1800872555" --ppapi-flash-args --lang=nl --device-scale-factor=1 --font-cache-shared-handle=2416 --ignored=" --type=renderer " /prefetch:-632637702 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.10.1302123730\206191220" --font-cache-shared-handle=2372 /prefetch:673131151 "C:\Users\dv7 2250\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4684.12.855893767\84701203" --font-cache-shared-handle=2032 /prefetch:673131151 C:\Windows\system32\sppsvc.exe "C:\Users\dv7 2250\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\6c0e75e6-f53f-4d19-b513-977d38468083-3.job - C:\Program Files (x86)\MediaPlayerplus\6c0e75e6-f53f-4d19-b513-977d38468083-3.exe /ZIANeo=kzSxkLEONFZ3vmY0spfWJsnlYdF/XaGOsKtwSU1oN6MF/f59lkxu0t1YdL7SUu9ocbh5AOpSgBf8DBe7sYMOafyGLVJcWTFaPD0vpPcrZJabLI7rpg5WzJdaKHEC9zYsBTVrPhEfB8MO4sMuoPtfogTutUquzhZY3t3yFb9y0Y+NTUgulYOYuxU+2px7N/pgQ7XWSrQswcF95POrID1BxHnnYTCLH+qsEp/O+wR8g7gDtGabIeV4ySEQhLdKWWooJoea0vJQOm6kG4XNya9kA8denF47PvwbLhF7bTfx3NI6NOXNQE10WBbE3qqi+jIDegHNRJTfjHpao4DRHxcpVLTVURq4sjamWUCPsPbRLJ4DX+5uLShMr3NpFmBDEiJ9X13MLiRBOwEkBloG4D564DhnMa2vCnsCSajV4scS1ewzuHiXcsfKXSw+DkMcgfzV5qmsF3Yurc8j7OePFAxh+vfOX5ihTrQX1689pEcf02Pc72UMTG5/xddaPECrXbPyTis0nLB7lHik8y9X91EVHBvnaM/MGknjpvRd4SAZ4n1Y7y/edzxAxP08w8UWvj2zHQZT6hVQBBXS1VqkdSqBaiZrBBPoZPMZLfye4ogxPCrbCqeShMLm+/H7kgHitcx0xv24Nc8ptRP5a736v/xJZpcUn4epnVV4/I7S7jX99zF8UqAgdbBm0BmGDAk+fp+QeWYzFTL2La0CZjjjNolmJQTB2QtXTPd6tFix3naTyOa3rj9LlRNwk9ejvM319Qny8IjBmx4AomCXjdvi+akiauA+Z2hsrQppHl03zKD5fbPzY99ZCgogNqzwPaQ521tp1zI4WYL3EGLibffHSufgfQkh/NkbEH2SVqRbNuiJO4GA+VXgYHy35s4/8Uz/cdf/Zr9Jtw5lQEHYzmfUpL9nbzUABL9fThCxKRKyyNsHlYOhn4JjC7VTY74zD68zBv13adPI7yUIvARe0Ud4TWkx6LNWa6aQD90RBUXgukHSAaVDc7S4oPqsMM6ATje+YOILXBBk5kjzi6p9uo0XeWUbhrlI6W+g+wvqKcpGn3SkBrJw/0UhdBPQ8RZqPRgO8zzhTklraIDBVtl25iJOmCBZa0QEKjwK3Ua9tgeUK8rJs9AdfgOlEOPqhmUgue++R9zjSSkZ+p4LG8x9QGcGfm+wJXjiLL61SKyWVb7SX7x556wydvc9jSAhGpBMuzNjHQElztI1lsE5CEIW1we/+9eWN5/roTtAvWvNuxd/qaI5zvquSlXKUE3PzyzTSApmTtDgRb1+qAg/iL8NpdcfBc/iCUqwRTNXxCgks4ADcP5MBLeyE+sPVU1Q+/vaTb52JWZhAr7xiqLNH4q36eAgttNljA== C:\Windows\tasks\6c0e75e6-f53f-4d19-b513-977d38468083-4.job - C:\Program Files (x86)\MediaPlayerplus\6c0e75e6-f53f-4d19-b513-977d38468083-4.exe /RrOIqo /NsFtdhi='MediaPlayerplus' /ByWFbYU='C:\Program Files (x86)\MediaPlayerplus\54246.xpi' /dnkdhTGt=54246 /bOggv='001359' /zXLJKw='verticals-ads,pops,shopping' /wMdfKSx='0' /pOOFOj=E038A1DCBA5D4A74B8BA1B378D9EBF51IE /AERMmBHm=9213cc70caa7f9dd3ebea16835622b82 /ZfJuQroE=1_34_04_10 /hPBpF=1.34.4.10 /CyjhlsUyW=1399168076 /qbsnUv=http://stats.clientdemostack.com /scaXKM=http://errors.clientdemostack.com /OpCRcX=300 /qsmHhF=a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com /sqJpzoXwo=0.94 /UwmvIq=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /hAeUSA=https://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /lGQdviMIM='MediaPlayerplus' /sswjmah='MediaPlayerEnhance Extension' /pMalOJf='Freeven' /kxEHS=ch /TkWBtvU /RGdSrk /mhIgRed /zsqXG='http://update.clientdemostack.com/ff_agent_updates/{CAMP_ID}/update.json' /oqeYp='task' /byvMmn='' C:\Windows\tasks\8687928c-fd49-43da-a206-b124ce6b3aa1-3.job - C:\Program Files (x86)\Freeven pro\8687928c-fd49-43da-a206-b124ce6b3aa1-3.exe /ZIANeo=S6kTzrJNpA73Zz+axjDafDfcQqdwiQtANsibjC90U4Ksdw/+oIKPPM6XNVzRkFXbL3vT+EWUETrNgA8VNqPV/ekYwmWw4UOcv4jmhL836ZHAjrx48HJEIrXieMTxtywOu2MxrsoiUoH0s+2jlao+PpbUaE3ie9quqjj5WIodF7xbHEFIB/J2HssXmJy83w6xzkcfH6Ldno/+Ca9gn/2iLkqkLFg5V0BJjEWMjIj41sjU5gDKjZFZvYZTbuVPCjQMS7UFWDr5qbYiXJ/GSIO0/333SsWglf5Efa2j1lrMDT4MHZZeEcDoWCC8ovu+p221oixIMqS/hZ+1uRIglwaYEUyLXggpmEsqGeXkyQkhpjSNm4N7mRpOSRSTz2ElM5CHJeqY+G1uMagqgWZDxDI365bRLrKuyYGYRqMVvHzt0XRGJxFxjWOYINvWAvWajpv5RTPqiqvY0zNbT9sM3JYfF5NJcNhXecKsa2xfxuBTRR+dbQ9Z4kCwyqMjjWUvmWucSNINfLCTzTEk8+2KqyEUZ8FD0UzPuExDEKt9fvU4fdkz3x00gHZRAvCHH6WZNgQF3Kba6RowumggVyILJVPz80NOBWgPMJ7JDuWqeDHtElHFKfqMN5yGaZU94mCaG6uZekfkfptS0yz4G9yqJJRb08ElgOYVa7/c/abJBIXkryMmECyRuzM6OKHGBJgdI6lZ07lqETEbxZsmBfVRU4vccpbodoMZCbN9ZoBhBKH+UJZEHZYZ75AP2+/9KCoYuNtqI4mo+Hrh8UgGzsjuhgeincKvRmR84JxG2+egZ9NWjc5latk4Xgcx7vKam638veu2UdWf5wcNTTV/91zkSrVWazn2RyhU8XuCxY2rFmdyKDmrU7U3eiqz5swMZCecbBWNn0gbD3pDvruXGn96HdkTR1rL8ucgDmUMfBQsMlK6w8RrvmCmKExAFIOOjxjPYt2VVQu7c60qmiv7ZPw49Vi/92yDS7Uvigsbj3terZpVri8E5PcPSAp3e14RQuh3MVR2jeTQPUW2MFQwyiU8QbDzYCRl8Q++9IwzLSeaWb0TOGfF3fgJA+8RDACm+sBDvkDi3dmO2omKb8z/TI6P8BcECVpgtME8Uz6ApicSTuWMgUjO8eonLOdKq0KsSeyPAL77rxgrngZAE/6X+JF/JJbPePh/UB7trY387aeOV3vaeMKtGmv02QCloH4mjz6JfEBZT9RLHtaDvaotgLw7M2h7Mee0s2z0/S6lTocNjDtbCAjy2eJaRHrfX1WRJjEpqxXQ564iZs0R1jcYY6XOvK6AJXaGzkQsL79UYTRKFzrVbNsjyYiQeFs5XlmkonPZj1cnY9vRgi5k8bSediEhskdXRg== C:\Windows\tasks\8687928c-fd49-43da-a206-b124ce6b3aa1-4.job - C:\Program Files (x86)\Freeven pro\8687928c-fd49-43da-a206-b124ce6b3aa1-4.exe /RrOIqo /NsFtdhi='Freeven pro' /ByWFbYU='C:\Program Files (x86)\Freeven pro\54248.xpi' /dnkdhTGt=54248 /bOggv='001360' /zXLJKw='0' /wMdfKSx='0' /pOOFOj=9C65F89F71A54F95AB3A3009B760A63BIE /AERMmBHm=9411141ea3c68611fc4936feee60a373 /ZfJuQroE=1_34_04_10 /hPBpF=1.34.4.10 /CyjhlsUyW=1399168009 /qbsnUv=http://stats.clientdemostack.com /scaXKM=http://errors.clientdemostack.com /OpCRcX=300 /qsmHhF=a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com /sqJpzoXwo=0.94 /UwmvIq=aa0046b9bfdb9497fa4b12a108ad6007a5cdf80b704204bb7b3c0e188e6f4fb8acom54248 /hAeUSA=https://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54248.rdf /lGQdviMIM='Freeven pro' /sswjmah='Feven Shopping Companion' /pMalOJf='Freeven' /kxEHS=ch /TkWBtvU /RGdSrk /mhIgRed /zsqXG='http://update.clientdemostack.com/ff_agent_updates/{CAMP_ID}/update.json' /oqeYp='task' /byvMmn='' C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-924893983-733953751-686250530-1000Core.job - C:\Users\dv7 2250\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-924893983-733953751-686250530-1000UA.job - C:\Users\dv7 2250\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2016-01-29 885152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-03 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-12 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-01-29 664184] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-12 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1815848] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-07-22 450048] "SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-03 171520] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-03-25 21720] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] "EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent [] "ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112] "VeohPlugin"=C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2010-07-06 2634048] "SoMud"=C:\Program Files (x86)\SoMud\somud.exe /bg [] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912] "Google Update"=C:\Users\dv7 2250\AppData\Local\Google\Update\GoogleUpdate.exe [2015-06-06 144200] "Akamai NetSession Interface"=C:\Users\dv7 2250\AppData\Local\Akamai\netsession_win.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304] "HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408] "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640] "NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-05-12 581480] "UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [] "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424] "BlackBerryAutoUpdate"=C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2010-03-10 648536] "RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] "PlusService"=C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [2012-02-27 801792] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-03-27 421736] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208] ""= [] "AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2016-01-29 7021880] "Philips Device Listener"=C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2014-05-04 380416] "fst_nl_39"=C:\Program Files (x86)\fst_nl_39\fst_nl_39.exe [2014-03-24 3982800] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Desktop Manager.lnk - C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe GamersFirst LIVE!.lnk - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe Remote Control.lnk - C:\Program Files (x86)\Conceptronic Multimedia\CTVDIGUSB2 Device Utilities\RTLRCtl.exe TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe C:\Users\dv7 2250\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup CD-MENU.LNK - E:\AutoMenu.exe DesktopWeatherAlerts.lnk - C:\Users\dv7 2250\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe Weather Alerts.lnk - C:\Users\dv7 2250\AppData\Local\WeatherAlerts\WeatherAlerts.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "WallpaperStyle"=2 "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 "SoftwareSASGeneration"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %* .vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2016-01-29 20:15:47 ----D---- C:\rsit 2016-01-29 20:15:47 ----D---- C:\Program Files\trend micro 2016-01-29 13:49:18 ----A---- C:\Windows\system32\aswBoot.exe 2016-01-29 13:49:00 ----A---- C:\Windows\avastSS.scr 2016-01-29 12:27:27 ----D---- C:\Program Files\Common Files\AV 2016-01-29 12:17:26 ----D---- C:\Windows\Minidump ======List of files/folders modified in the last 1 month====== 2016-01-29 20:15:51 ----D---- C:\Windows\Temp 2016-01-29 20:15:47 ----RD---- C:\Program Files 2016-01-29 19:43:38 ----D---- C:\Windows\system32\config 2016-01-29 19:40:18 ----D---- C:\Windows\System32 2016-01-29 19:40:18 ----D---- C:\Windows\inf 2016-01-29 19:40:18 ----A---- C:\Windows\system32\PerfStringBackup.INI 2016-01-29 19:35:03 ----HD---- C:\ProgramData 2016-01-29 19:35:03 ----A---- C:\ProgramData\HPWALog.txt 2016-01-29 15:21:58 ----D---- C:\Windows 2016-01-29 14:21:14 ----D---- C:\Windows\system32\drivers 2016-01-29 14:21:10 ----D---- C:\Windows\system32\drivers\UMDF 2016-01-29 13:50:35 ----D---- C:\Windows\system32\DriverStore 2016-01-29 13:50:35 ----D---- C:\Windows\system32\catroot 2016-01-29 13:49:34 ----D---- C:\Windows\system32\Tasks 2016-01-29 13:21:22 ----D---- C:\Windows\SysWOW64 2016-01-29 13:21:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2016-01-29 12:32:21 ----D---- C:\ProgramData\IePluginService 2016-01-29 12:27:27 ----D---- C:\Program Files\Common Files 2016-01-29 12:27:27 ----D---- C:\Program Files (x86)\Common Files 2016-01-29 12:15:30 ----D---- C:\Program Files (x86)\SupTab ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-29 65224] R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-29 273784] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2007-05-01 52856] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-18 526392] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-29 93528] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-29 1065208] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-29 464256] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-22 270912] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-29 28656] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-29 97648] R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-29 155304] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2009-01-09 31744] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-07-22 487936] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-15 273456] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [] S3 MotioninJoyUSBFilter;MotioninJoy USB Filter Driver; C:\Windows\system32\DRIVERS\MijUfilt.sys [2009-08-03 15872] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [] S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 117152] S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-10-26 38944] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144] R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2016-01-29 226440] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728] R2 NewPlayerUpdaterService;NewPlayer Updater Service; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [2014-04-16 11776] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-04 76888] R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2012-06-04 189248] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 934760] S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-03-14 36392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 CltMngSvc;Search Protect Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-06 144200] S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992] S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840] S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-29 269504] S3 fsssvc;De service Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-06 144200] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-17 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560] S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-16 1255736] -----------------EOF-----------------