Logfile of random's system information tool 1.10 (written by random/random) Run by François at 2016-08-24 18:03:34 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 162 GB (72%) free of 225 GB Total RAM: 1790 MB (18% free) HijackThis download failed ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\system32\WLANExt.exe 3406816 \??\C:\Windows\system32\conhost.exe "-4954557661331384738-700847422-42463831415862414941804985044383118349-2055091745 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Avira\Antivirus\sched.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" "C:\Program Files (x86)\Avira\Antivirus\avguard.exe" C:\Windows\System32\svchost.exe -k utcsvc "C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe" "C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE" "C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE" "C:\Program Files (x86)\Acer\Registration\GREGsvc.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2308 "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000664 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Windows\PLFSetI.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "C:\Windows\System32\StikyNot.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min ArcCon.ac 131100 0 "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" "C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost "C:\Users\François\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =========Mozilla firefox========= ProfilePath - C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\aoc6d3ex.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://www.diygokarts.com/engine/car-starter-motor-conversion.html" prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23" prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=" "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon\ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 22.0.0.209 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 22.0.0.209 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Program Files (x86)\Mozilla Firefox\components\ Scriptff.dll C:\Program Files (x86)\Mozilla Firefox\plugins\ npdeployJava1.dll C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\aoc6d3ex.default\extensions\ abs@avira.com C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\aoc6d3ex.default\searchplugins\ bing.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton Security\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31 894640] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\coIEPlg.dll [2016-05-31 654512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-23 323584] "mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [] "PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-10 206208] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472] "Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-04-23 861216] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512] "beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup [] "EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "ArcSoft MediaImpression Monitor"=C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe [2010-12-15 80448] "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424] "avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-29 831064] "Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-08-04 67864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "HideSCAHealth"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2016-08-24 18:03:35 ----D---- C:\Program Files\trend micro 2016-08-24 18:03:34 ----D---- C:\rsit 2016-08-17 17:39:28 ----D---- C:\ProgramData\YTD Video Downloader 2016-08-17 15:53:02 ----A---- C:\Windows\system32\tzres.dll 2016-08-17 15:53:01 ----A---- C:\Windows\SYSWOW64\tzres.dll 2016-08-15 14:57:39 ----D---- C:\Program Files (x86)\Total Uninstaller 2016-08-11 15:47:45 ----A---- C:\Windows\SYSWOW64\schannel.dll 2016-08-11 15:47:45 ----A---- C:\Windows\system32\schannel.dll 2016-08-11 15:47:45 ----A---- C:\Windows\system32\lsasrv.dll 2016-08-11 15:47:44 ----A---- C:\Windows\SYSWOW64\certcli.dll 2016-08-11 15:47:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2016-08-11 15:47:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2016-08-11 15:47:44 ----A---- C:\Windows\system32\certcli.dll 2016-08-11 15:47:43 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2016-08-11 15:47:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2016-08-11 15:47:43 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2016-08-11 15:47:43 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\wdigest.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\TSpkg.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\sspicli.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\rpcrt4.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\rpchttp.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\ncrypt.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\msv1_0.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\kerberos.dll 2016-08-11 15:47:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2016-08-11 15:47:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2016-08-11 15:47:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\secur32.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\cryptbase.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\credssp.dll 2016-08-11 15:47:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2016-08-11 15:47:42 ----A---- C:\Windows\system32\sspisrv.dll 2016-08-11 15:47:42 ----A---- C:\Windows\system32\secur32.dll 2016-08-11 15:47:42 ----A---- C:\Windows\system32\lsass.exe 2016-08-11 15:47:42 ----A---- C:\Windows\system32\cryptbase.dll 2016-08-11 15:47:42 ----A---- C:\Windows\system32\credssp.dll 2016-08-11 15:47:42 ----A---- C:\Windows\system32\auditpol.exe 2016-08-11 15:47:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2016-08-11 15:47:41 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2016-08-11 15:47:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2016-08-11 15:47:41 ----A---- C:\Windows\system32\msobjs.dll 2016-08-11 15:47:41 ----A---- C:\Windows\system32\msaudite.dll 2016-08-11 15:47:41 ----A---- C:\Windows\system32\adtschema.dll 2016-08-11 15:46:59 ----A---- C:\Windows\SYSWOW64\inseng.dll 2016-08-11 15:46:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2016-08-11 15:46:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2016-08-11 15:46:59 ----A---- C:\Windows\system32\iernonce.dll 2016-08-11 15:46:59 ----A---- C:\Windows\system32\ieetwcollector.exe 2016-08-11 15:46:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2016-08-11 15:46:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2016-08-11 15:46:58 ----A---- C:\Windows\system32\ieetwproxystub.dll 2016-08-11 15:46:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2016-08-11 15:46:57 ----A---- C:\Windows\SYSWOW64\occache.dll 2016-08-11 15:46:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2016-08-11 15:46:57 ----A---- C:\Windows\system32\inseng.dll 2016-08-11 15:46:57 ----A---- C:\Windows\system32\ie4uinit.exe 2016-08-11 15:46:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2016-08-11 15:46:56 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2016-08-11 15:46:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2016-08-11 15:46:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2016-08-11 15:46:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2016-08-11 15:46:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-08-11 15:46:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2016-08-11 15:46:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2016-08-11 15:46:52 ----A---- C:\Windows\system32\occache.dll 2016-08-11 15:46:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2016-08-11 15:46:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2016-08-11 15:46:51 ----A---- C:\Windows\SYSWOW64\jscript.dll 2016-08-11 15:46:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2016-08-11 15:46:51 ----A---- C:\Windows\system32\urlmon.dll 2016-08-11 15:46:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2016-08-11 15:46:51 ----A---- C:\Windows\system32\iedkcs32.dll 2016-08-11 15:46:50 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2016-08-11 15:46:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2016-08-11 15:46:50 ----A---- C:\Windows\system32\dxtrans.dll 2016-08-11 15:46:49 ----A---- C:\Windows\SYSWOW64\ieui.dll 2016-08-11 15:46:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2016-08-11 15:46:49 ----A---- C:\Windows\system32\msfeeds.dll 2016-08-11 15:46:48 ----A---- C:\Windows\system32\iesetup.dll 2016-08-11 15:46:48 ----A---- C:\Windows\system32\ieapfltr.dll 2016-08-11 15:46:47 ----A---- C:\Windows\system32\iertutil.dll 2016-08-11 15:46:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll 2016-08-11 15:46:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2016-08-11 15:46:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2016-08-11 15:46:46 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2016-08-11 15:46:46 ----A---- C:\Windows\system32\vbscript.dll 2016-08-11 15:46:45 ----A---- C:\Windows\SYSWOW64\wininet.dll 2016-08-11 15:46:45 ----A---- C:\Windows\SYSWOW64\msrating.dll 2016-08-11 15:46:45 ----A---- C:\Windows\system32\jsproxy.dll 2016-08-11 15:46:42 ----A---- C:\Windows\system32\dxtmsft.dll 2016-08-11 15:46:41 ----A---- C:\Windows\system32\ieui.dll 2016-08-11 15:46:41 ----A---- C:\Windows\system32\ieframe.dll 2016-08-11 15:46:40 ----A---- C:\Windows\system32\mshtmlmedia.dll 2016-08-11 15:46:40 ----A---- C:\Windows\system32\mshtmled.dll 2016-08-11 15:46:40 ----A---- C:\Windows\system32\ieUnatt.exe 2016-08-11 15:46:39 ----A---- C:\Windows\system32\webcheck.dll 2016-08-11 15:46:39 ----A---- C:\Windows\system32\jscript9diag.dll 2016-08-11 15:46:39 ----A---- C:\Windows\system32\jscript.dll 2016-08-11 15:46:38 ----A---- C:\Windows\system32\wininet.dll 2016-08-11 15:46:38 ----A---- C:\Windows\system32\jscript9.dll 2016-08-11 15:46:37 ----A---- C:\Windows\system32\MshtmlDac.dll 2016-08-11 15:46:36 ----A---- C:\Windows\system32\msrating.dll 2016-08-11 15:46:36 ----A---- C:\Windows\system32\mshtml.dll 2016-08-11 15:45:56 ----A---- C:\Windows\system32\win32k.sys 2016-08-08 21:52:50 ----A---- C:\Windows\SYSWOW64\shortcut_ex.dat 2016-08-04 21:52:27 ----A---- C:\Windows\SYSWOW64\shoA0E6.tmp 2016-08-02 21:35:11 ----A---- C:\Windows\SYSWOW64\sho5422.tmp 2016-07-21 23:21:38 ----D---- C:\Windows\EOONotify 2016-07-15 13:29:07 ----SHD---- C:\Config.Msi 2016-07-14 22:11:46 ----A---- C:\Windows\system32\win32spl.dll 2016-07-14 22:11:46 ----A---- C:\Windows\system32\localspl.dll 2016-07-14 22:11:45 ----A---- C:\Windows\SYSWOW64\win32spl.dll 2016-07-14 22:11:45 ----A---- C:\Windows\system32\ntprint.dll 2016-07-14 22:11:45 ----A---- C:\Windows\system32\inetpp.dll 2016-07-14 22:11:44 ----A---- C:\Windows\SYSWOW64\ntprint.exe 2016-07-14 22:11:44 ----A---- C:\Windows\SYSWOW64\ntprint.dll 2016-07-14 22:11:44 ----A---- C:\Windows\system32\wpnpinst.exe 2016-07-14 22:11:44 ----A---- C:\Windows\system32\ntprint.exe 2016-07-14 22:11:44 ----A---- C:\Windows\system32\inetppui.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\invagent.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\generaltel.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\devinv.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\centel.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\appraiser.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\aepic.dll 2016-07-14 22:09:35 ----A---- C:\Windows\system32\aeinv.dll 2016-07-14 22:09:34 ----A---- C:\Windows\system32\CompatTelRunner.exe 2016-07-14 22:09:34 ----A---- C:\Windows\system32\acmigration.dll 2016-06-19 12:41:10 ----A---- C:\Windows\SYSWOW64\webio.dll 2016-06-19 12:41:10 ----A---- C:\Windows\system32\webio.dll 2016-06-19 11:17:05 ----A---- C:\Windows\system32\shell32.dll 2016-06-19 11:16:58 ----A---- C:\Windows\explorer.exe 2016-06-19 11:16:57 ----A---- C:\Windows\SYSWOW64\shell32.dll 2016-06-19 11:16:56 ----A---- C:\Windows\SYSWOW64\explorer.exe 2016-06-19 11:16:55 ----A---- C:\Windows\system32\ExplorerFrame.dll 2016-06-19 11:16:53 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll 2016-06-19 11:13:32 ----A---- C:\Windows\system32\atmfd.dll 2016-06-19 11:13:31 ----A---- C:\Windows\SYSWOW64\lpk.dll 2016-06-19 11:13:31 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2016-06-19 11:13:31 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2016-06-19 11:13:31 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2016-06-19 11:13:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2016-06-19 11:13:31 ----A---- C:\Windows\system32\lpk.dll 2016-06-19 11:13:31 ----A---- C:\Windows\system32\fontsub.dll 2016-06-19 11:13:31 ----A---- C:\Windows\system32\dciman32.dll 2016-06-19 11:13:31 ----A---- C:\Windows\system32\atmlib.dll 2016-06-19 11:13:09 ----A---- C:\Windows\system32\drivers\srv2.sys 2016-06-19 11:13:09 ----A---- C:\Windows\system32\drivers\srv.sys 2016-06-19 11:13:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll 2016-06-19 11:13:08 ----A---- C:\Windows\system32\drivers\srvnet.sys 2016-06-19 11:13:08 ----A---- C:\Windows\system32\drivers\cng.sys 2016-06-19 11:13:08 ----A---- C:\Windows\system32\bcryptprimitives.dll 2016-06-19 11:11:22 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll 2016-06-19 11:11:22 ----A---- C:\Windows\system32\StructuredQuery.dll 2016-06-19 11:11:13 ----A---- C:\Windows\SYSWOW64\winhttp.dll 2016-06-19 11:11:13 ----A---- C:\Windows\system32\ws2_32.dll 2016-06-19 11:11:13 ----A---- C:\Windows\system32\winhttp.dll 2016-06-19 11:11:13 ----A---- C:\Windows\system32\mswsock.dll 2016-06-19 11:11:13 ----A---- C:\Windows\system32\drivers\netbt.sys 2016-06-19 11:11:12 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2016-06-19 11:11:11 ----A---- C:\Windows\SYSWOW64\ws2_32.dll 2016-06-19 11:11:11 ----A---- C:\Windows\SYSWOW64\netbtugc.exe 2016-06-19 11:11:11 ----A---- C:\Windows\system32\netbtugc.exe 2016-06-19 11:10:58 ----A---- C:\Windows\system32\gpsvc.dll 2016-06-19 11:10:57 ----A---- C:\Windows\SYSWOW64\polstore.dll 2016-06-19 11:10:57 ----A---- C:\Windows\SYSWOW64\gpapi.dll 2016-06-19 11:10:57 ----A---- C:\Windows\system32\polstore.dll 2016-06-19 11:10:57 ----A---- C:\Windows\system32\IPSECSVC.DLL 2016-06-19 11:10:57 ----A---- C:\Windows\system32\gpapi.dll 2016-06-19 11:10:56 ----A---- C:\Windows\SYSWOW64\winipsec.dll 2016-06-19 11:10:56 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll 2016-06-19 11:10:56 ----A---- C:\Windows\system32\winipsec.dll 2016-06-19 11:10:56 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2016-06-19 11:10:05 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2016-06-19 11:10:05 ----A---- C:\Windows\system32\gdi32.dll 2016-06-19 10:44:56 ----A---- C:\Windows\system32\msi.dll 2016-06-19 10:44:56 ----A---- C:\Windows\system32\authui.dll 2016-06-19 10:44:55 ----A---- C:\Windows\SYSWOW64\msi.dll 2016-06-19 10:44:55 ----A---- C:\Windows\system32\consent.exe 2016-06-19 10:44:54 ----A---- C:\Windows\SYSWOW64\authui.dll 2016-06-19 10:44:53 ----A---- C:\Windows\system32\appinfo.dll 2016-06-19 10:44:52 ----A---- C:\Windows\SYSWOW64\msiexec.exe 2016-06-19 10:44:52 ----A---- C:\Windows\system32\msihnd.dll 2016-06-19 10:44:52 ----A---- C:\Windows\system32\msiexec.exe 2016-06-19 10:44:48 ----A---- C:\Windows\SYSWOW64\msihnd.dll 2016-06-19 10:44:47 ----A---- C:\Windows\SYSWOW64\msimsg.dll 2016-06-19 10:44:47 ----A---- C:\Windows\system32\msimsg.dll 2016-06-17 22:29:32 ----A---- C:\Windows\SYSWOW64\shoA581.tmp 2016-06-11 22:55:33 ----D---- C:\Program Files\Microsoft Silverlight 2016-06-11 22:55:33 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2016-06-03 21:17:30 ----A---- C:\Windows\SYSWOW64\shoB14A.tmp ======List of files/folders modified in the last 3 months====== 2016-08-24 18:03:35 ----D---- C:\Program Files 2016-08-24 18:03:18 ----D---- C:\Windows\Temp 2016-08-24 14:14:55 ----D---- C:\Windows\system32\config 2016-08-24 13:54:04 ----D---- C:\ProgramData\Package Cache 2016-08-24 13:54:02 ----SHD---- C:\Windows\Installer 2016-08-21 22:50:07 ----D---- C:\Program Files (x86)\Mozilla Firefox 2016-08-20 13:05:13 ----RD---- C:\Program Files (x86) 2016-08-18 13:46:59 ----SHD---- C:\System Volume Information 2016-08-18 13:38:42 ----D---- C:\Windows\winsxs 2016-08-18 13:38:06 ----D---- C:\Windows\SYSWOW64\nl-NL 2016-08-18 13:38:02 ----D---- C:\Windows\SysWOW64 2016-08-18 13:38:02 ----D---- C:\Windows\system32\nl-NL 2016-08-18 13:37:55 ----D---- C:\Windows\System32 2016-08-17 17:48:10 ----D---- C:\Windows\system32\Tasks 2016-08-17 17:48:08 ----D---- C:\Windows\Tasks 2016-08-17 17:39:28 ----HD---- C:\ProgramData 2016-08-14 18:42:10 ----D---- C:\ProgramData\EgisTec IPS 2016-08-14 17:52:10 ----D---- C:\ProgramData\Skype 2016-08-14 17:52:04 ----D---- C:\Program Files (x86)\Common Files 2016-08-14 17:47:31 ----HD---- C:\Program Files (x86)\Temp 2016-08-14 17:47:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2016-08-14 17:47:24 ----D---- C:\Windows 2016-08-14 17:47:20 ----D---- C:\Windows\system32\drivers 2016-08-14 17:47:20 ----D---- C:\Windows\inf 2016-08-14 17:47:13 ----D---- C:\Windows\system32\DriverStore 2016-08-14 17:47:09 ----D---- C:\Windows\system32\catroot 2016-08-12 20:09:26 ----D---- C:\Windows\rescache 2016-08-12 08:36:19 ----D---- C:\Windows\system32\drivers\NSx64 2016-08-12 08:31:39 ----D---- C:\Program Files\Internet Explorer 2016-08-12 08:31:37 ----D---- C:\Windows\SYSWOW64\en-US 2016-08-12 08:31:26 ----D---- C:\Windows\system32\en-US 2016-08-12 08:31:13 ----D---- C:\Program Files (x86)\Internet Explorer 2016-08-12 01:08:31 ----D---- C:\Windows\system32\MRT 2016-08-12 01:01:55 ----AC---- C:\Windows\system32\MRT.exe 2016-08-12 00:58:10 ----D---- C:\Windows\system32\catroot2 2016-07-21 23:21:37 ----SD---- C:\Windows\SYSWOW64\GWX 2016-07-21 23:21:37 ----SD---- C:\Windows\system32\GWX 2016-07-15 19:35:45 ----D---- C:\Windows\Microsoft.NET 2016-07-15 19:34:56 ----RSD---- C:\Windows\assembly 2016-07-15 18:54:03 ----D---- C:\Program Files\Windows Journal 2016-07-15 18:54:01 ----D---- C:\Windows\system32\appraiser 2016-07-15 18:54:00 ----D---- C:\Windows\AppPatch 2016-07-14 17:13:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2016-07-14 17:10:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2016-07-12 21:38:41 ----D---- C:\Windows\system32\Macromed 2016-07-12 21:38:21 ----D---- C:\Windows\SYSWOW64\Macromed 2016-07-09 20:03:24 ----D---- C:\Users\François\AppData\Roaming\Skype 2016-06-23 12:31:10 ----D---- C:\Windows\system32\NDF 2016-06-19 11:34:17 ----D---- C:\Windows\system32\wbem 2016-06-19 11:34:11 ----D---- C:\Windows\nl-NL 2016-06-14 09:34:57 ----D---- C:\Windows\Prefetch 2016-05-28 21:31:14 ----D---- C:\Users\François\AppData\Roaming\SoftGrid Client ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 SymEFASI;Symantec Extended File Attributes (SI); C:\Windows\system32\drivers\NSx64\1607000.04C\SYMEFASI64.SYS [2016-06-02 1627352] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-29 145984] R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-12-04 28600] R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.002\BHDrvx64.sys [2016-02-13 1767664] R1 ccSet_NS;NS Settings Manager; C:\Windows\system32\drivers\NSx64\1607000.04C\ccSetx64.sys [2016-06-02 174328] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2016-01-21 498512] R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\IPSDefs\20160219.001\IDSvia64.sys [2016-01-20 767224] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NSx64\1607000.04C\SRTSPX64.SYS [2016-06-02 48888] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NSx64\1607000.04C\Ironx64.SYS [2016-06-02 291056] R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NSx64\1607000.04C\SYMNETS.SYS [2016-06-02 567536] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-29 171752] R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-06-03 79696] R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-27 195584] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-04-02 3060800] R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2016-08-10 101112] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2011-01-18 44672] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-12-02 40448] S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944] S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2016-01-21 157520] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272] S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\VirusDefs\20160219.020\ENG64.SYS [] S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\VirusDefs\20160219.020\EX64.SYS [] S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NSx64\1607000.04C\SRTSP64.SYS [2016-07-20 773368] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-27 202752] R2 AntiVirSchedulerService;Avira Planner; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-29 472112] R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-29 472112] R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-08-04 320672] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496] R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400] R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104] S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-29 989696] S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-29 1453696] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112] S2 NS;Norton Security; C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\NS.exe [2016-06-17 289080] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-08 182768] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-08-02 114688] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-14 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------