Logfile of random's system information tool 1.10 (written by random/random) Run by Eigenaar at 2014-10-13 16:06:10 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 46 GB (38%) free of 122 GB Total RAM: 4000 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:06:11, on 13-10-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17280) Boot mode: Normal Running processes: C:\Program Files (x86)\HEMA Fotoservice\dd.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\SupTab\HpUI.exe C:\Program Files (x86)\SupTab\Loader32.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Eigenaar.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1413014485&from=tugs&uid=ST9320325AS_6VDDB5DYXXXX6VDDB5DY R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.com/?f=1&a=ast_cmi_14_41_ch&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyDyC0A0AtBtAyB0E0B0D0DtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0AtA0F0B0DzyzytG0B0B0AtAtGtA0FtA0FtGyEtC0C0BtGyE0BtAtAtAtCyEyBzy0E0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0CtC0F0CtBzytGtAyBtCtAtGyEtBtA0BtGzytBtC0CtG0B0EyCtB0AtB0ByBzy0E0CyC2Q&cr=215944079&ir= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1413014485&from=tugs&uid=ST9320325AS_6VDDB5DYXXXX6VDDB5DY R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1413014485&from=tugs&uid=ST9320325AS_6VDDB5DYXXXX6VDDB5DY&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1413014485&from=tugs&uid=ST9320325AS_6VDDB5DYXXXX6VDDB5DY&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1413014485&from=tugs&uid=ST9320325AS_6VDDB5DYXXXX6VDDB5DY R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: 62c9ccffad834deab5e0fd5cd3afeb390064969 - {11111111-1111-1111-1111-110611491169} - C:\Program Files (x86)\videos_MediaPlayers_v1.1\videos_MediaPlayers_v1.1-bho.dll O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ConvertAd] C:\Users\Eigenaar\AppData\Local\ConvertAd\ConvertAd.exe O4 - HKLM\..\RunOnce: [VOPackage] C:\Users\Eigenaar\AppData\Roaming\VOPackage\VOPackage.exe /runonce O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\HEMA Fotoservice\dd.exe O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN344160S50602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\Eigenaar\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=0eff570c148247d18320854de0f6c032-d71f132ff842d71721a1d1dbabafc020b3ee1894 /CMPID=1213b O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe O4 - HKCU\..\RunOnce: [PennyBee] wscript /E:vbscript /B "C:\Users\Eigenaar\AppData\Roaming\PennyBee\UpdateProc\bkup.dat" O4 - HKCU\..\RunOnce: [WSE_Astromenda] wscript /E:vbscript /B "C:\Users\Eigenaar\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: StormWatch.lnk = C:\Users\Eigenaar\AppData\Local\StormWatch\StormWatch.exe O4 - Startup: StormWatchApp.lnk = C:\Users\Eigenaar\AppData\Local\StormWatch\StormWatchApp.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FastPlayer Updater Service (FastPlayerUpdaterService) - Unknown owner - C:\Program Files (x86)\FastPlayer\FastPlayerUpdaterService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PennyBee service (PennyBee) - Unknown owner - C:\Program Files (x86)\PennyBee\PennyBee.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: scores - Unknown owner - C:\Windows\score.exe O23 - Service: VO Service component (servervo) - Unknown owner - C:\Users\Eigenaar\AppData\Roaming\VOPackage\VOsrv.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17650 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\FBAgent.exe" C:\Windows\system32\WLANExt.exe 3759280 \??\C:\Windows\system32\conhost.exe "-35837471120171203271951006962-1824979397972420251-483422473-864424401-1140311404 "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "taskhost.exe" "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\HEMA Fotoservice\dd.exe" "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN344160S50602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1 C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" taskeng.exe {7ABBE837-2C23-469B-9C8D-6B2A409F66CA} taskeng.exe {1FE24866-A581-403D-BB8A-14539E105F6F} "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" WLIDSvcM.exe 2784 "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "2091675320459186576-8955756548986592207862135871855864267-1936118297-62766421 "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup "C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "taskhost.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\PennyBee\PennyBee.exe" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Windows\score.exe "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",ENT "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",ENT taskeng.exe {046CA573-A38D-461D-9D5C-F59208389C3A} C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service C:\ProgramData\IePluginServices\PluginService.exe -service "C:\Program Files (x86)\videos_MediaPlayers_v1.1\df42e615-93d4-4aae-b66b-b8dcf690b9e3.exe" /agentregpath='videos_MediaPlayers_v1.1' /appid=64969 /srcid='002082' /subid='verticals-Ads,Intext,Shopping' /zdata='0' /bic=456916052A2B4C8C822F4EE0586BC11EIE /verifier=d87e4d494351b89824be826d526c4971 /installerversion=1_35_09_29 /installationtime=1413014536 /statsdomain=http://stats.newdemoonlinecloud.com /errorsdomain=http://errors.newdemoonlinecloud.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=http://logs.newdemoonlinecloud.com "C:\Program Files (x86)\PennyBee\PennyBeeW.exe" service "C:\Program Files (x86)\PennyBee\PennyBee.exe" "C:\Program Files (x86)\SupTab\HpUI.exe" -run "C:\Program Files (x86)\SupTab\Loader64.exe" "C:\Program Files (x86)\SupTab\Loader32.exe" C:\Windows\SysWOW64\ACEngSvr.exe -Embedding C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.pc-helpforum.be/f201/startpagina-verandert-steeds-omega-plus-71473/" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5748.0.153523480\1702969631" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2430 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="5748.1.76431629\237246861" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5748.4.977746716\1680508947" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt "C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-6.exe" /rawdata=SktiLcoIYcz+JAoClZMnr6gK5QS+zmzvBkR1U/l6SQcfo6Tx9jzjvgzJbc0msZL5yvghqzBsdLK82jXTYwK+ALTMxJWXRvoU3AEtVnYFSl4UqvCF5aPfAmxWjO4LbmbIUWF6oIQTI9m1G0cryrj9DawF/KPF50MTq1UhJ1lRd0N6ITcxcBmk1wFf5ZcRI42kk8oG9JltLaWtahaIPD5A/OxW11xl3w8gIkWyDKgn5QxthPmZty2jTp64CUF8nR+S998pONyESzzJkUQ0fgXgOshxrLEGTbYABq334aRENVdPw+/RMI38vNmSFjVgSiv8B3zM495uTxVbaeS5j7f9R5h3LGHitOvP7lSmlzDC2wsMgnF8APjWPzA65JXHG2Fm7GvPSlO/Y4itnj/MyQpSD2uBnsQnI/Eu500SlRRybtaRzmgr65PoUlOxden0+7npqHyKXFVrilfoVmuIPFwPEjPf+1WhBTidBmeLEO+zvNYDN7THEjyLrTryQUcGEhxkk6Evv/fOEmFsQEe+pTWVNdnXXfWjd+eTOVRYP4CKPB7HV+fuGpsiw//3dnhkBk5j+2TQ5D9k/4gofCcAoKvrgQCBStSeE2H+BvP6lafM/54eR7APPaKfS0I3z+1UYpk4GUftI3xyyquCR1IxCQ4HBL7JGln82tLe2bdg9jPkJjKjO4O49jE/+5gvd+oLmFcuSIPxv6CSXAZDtHxNwSd0GibSV9LJtIwaOzFtj9Zze6XgxUQYCSR6fBQTA25mZI733jVGqSYoSjF07IJTCGhVdmV2hjDKJ8SkwhmVLXDhLut1UIyoLw3zVtAigRQR7gHD7QbdUfqK/UGeB4bH4hg6/CBFcJHxby2RrORKbQODimRO3gxbrQIDiXdOgAG2kXSDS585mRBun2Bmr4lm3+94/7kZ/kQ/3R1zT0Vpk2oMmC0wRpLyniPWH84m2tITtcvhaZ+gsr0618H6eqmpF49oVaqWO2jNlxnU2DIu2Qu4fUWBH5FiN6wUCIPa2cEM4ClsRH4LVhfV6rzjVCLTF67BshgeNz1YH8MguNs5i4YWpp2rVNOc1muUq9Bjy+TAyIVDXh0/vEvrIG3kYo6njCyaI0V1IQUYJshBaNddS2FpcQkWqwiLLcxmeZKK4nKn6ZKCPfSPUnOD2M07PMLoUFa62RRm8XHQNiDZkSSij0T8td0/NBsjDCN+lgOtQQdF3zFVAxJnfi4xkaNFL8HAEJ1OjOC7O0jNRjDjeSC9BacGnHZSI+jlGwWM8F70u679n7dXBwvwaQr7YZyipMVh6VnGddhR6nzJFIo3gHh6W2Da938Cj+huEdsO56nGQ5CusVR86PhDNpXtYB5C4D1gPrZ21oI4Q35N6s/gANKHxrksjArHzE3TD4NBOhm5yKQTmSkOgdf4+oVgJYDqbUr6JPmk4MlCyabi1xheXyeQ4kS+tCFlmeTpHkb3pYRTVlilgbmnvozPl0EcGaaLsVAKRwJZy6RHiudBBk3u91cLnLM8e0/YQXw2oG19Py4EPGW3XmVZBcfzfbnwChhtumj6ZUtPjI21ljr3VGWU44LGaliOrtNAWJ6yw37Icd/pl1pMFqtb8PdjdgxRNNlDwxhbYFt8vWWYf2/WzYVH9ExwJ3b1u/BUt0iVar1sLZ/W2I5aVjwhwmHObqIlsdaDzj+iS9opjkRPJl3OhHMYiljuvCPi10zBgdVXAeCV5Ls5Td8WwcTsUtN46ZoPUJk147V5e2LaLSnjnORIDgMucDK/fQTMZ20GKTAbmCJIUJggYsFRTAs4YqjDLz85gHTc6gnFjFFdqqJB95dkXXwjukNxQKlu4hftQ4gSy7Yx/m9jqQ7+P7Z1b/PPxdKr/vQMYL8vBkVyCg== "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe97_ Global\UsGthrCtrlFltPipeMssGthrPipe97 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} "C:\Users\Eigenaar\Downloads\RSITx64 (4).exe" ======Scheduled tasks folder====== C:\Windows\tasks\5fe040fd-831c-4a07-8462-85e30c7a4eee.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\5fe040fd-831c-4a07-8462-85e30c7a4eee.exe 002082 456916052A2B4C8C822F4EE0586BC11EIE 64969 1413014536 93-0,102-0,104-0,184-0 videos_MediaPlayers_v1.1 C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-1.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\videos_MediaPlayers_v1.1-codedownloader.exe /rawdata=VZ/ZMCPg+2eQCrDvcd06TNCnpEkDqYsacYTe767wJInbETntDSmC7eIjOlaek3EuIF8+LGULACARgXgY9Nj/Te+IovRH1FObiNkCrxo5VXdBcf2tqqv6wyZirBSmTFp+xTu4ZDAglstmQ8Xeb1H3t05jPYjYq9qZyfPuM36DU0xKhJ5Xoz4kpvzQxMAbgYOekkPx5NlsStElb1V8fVYDDr0L7YtVDETFpd6ayeTp981yyzXcnLbZYRYF9UUva/rGKrjnUSVGR8iB99hw01HyEvZONtKq4KQfRE/Ilo3NVF5/wEMlf4y6xJOWGiWRjE7z2baVVPm2wC5LYyB0Aw+mZxMARoZhecBLMTOIfujzuBkTxv3f2vbjT7kPhFGSYDC7hC+CZff65+AqAIsxaE85lfSHJ4IK1pN2j06qMD2oY2hoVqXHBO8tSL+8iN7ZJ07uiL6ICVU3Nec7igSkYsNozCY/9DZi47vCMoZkLjjNUDKFs9Ya52KsKd5K3ba18WnmhRdsVHxlo32iGXPP17FVDmuVjtYnwJbBsjYZ7mZEaGu195ThflU3CHylhlYogBySEA9GAYKt8NR/RqSIGsK8KWcf+5QDhaNKWZDOI+peF0+9qJ0v2e9YrU2l9sq9xOS5vJ5tmcVeDup5ii0fB+ot/wyfHMzRTBtbfFOvd2kzpah36BSkmEdw8ecsImnRo8d0InfJ6MQ6ZBW402dYMDXTDXbYDXlvDq5JrIykaTzTtZMh/lmAb/n5CrNK3pz51Z2lAevOb8XqoCP17emY+7veatsSxlroSDDDE6YlSNPNJ0VTD9CBRLomSP7G+SlefiwLvu7gwbbFFsB+95pcSeECBnll1jKx8kaz8bow43ADoGl5w7Zl1yF+H4ycDAqGtP5+UzW5CCep4BTd9SJqwfbtQfrpW9ju8OVyNAaBp6PuMYpBOj+TuzjmgSe8W8Vp3V+1p10kOEG4VSkEZftw/DXCYoSN9VbiZ/j89JGwyBFiOT/oRWIK/q5+VJWlUGUpucAQRSfG/6alZA5/+UX8Qcv23YgQldbUQMrGXudbrrY/skVBZFMDtZFw72lk60XN3N+xUEwui7JzO0uUcEf/LUsZ/hjsTDJ0I5/wpSVojbzdUi2+mMQ0fQRkX7RfiqGrSTbqrBMRlCztFOR5I4OnDb4Y84G415OO8v2fCDCvHbiM38RfqbJ3Weleunfn5aHg/5+v1PQ3OFEpLzbfCnNJfzPWCf0R5hAe2wLJ4UtwbYBIfd3hq3vXOn+JWjs/XICNI9nhgNKf4bd6p8IaAqruAc89IABFLpMbB4BKtvwyqxhOowEUJwP13DQ/jb/+Ws9rs33czn3Taa92UzmxzI1EQ5anZm7DRYv1f0Knlsst96l351zvelGypofCZwbd0DVrAGWLOEdNA28gKaDkrOkI/SSiQsA05UREYZkBP4696b1JAnOEo5iyjlJ578WagkgWajhfOv32peNoe0Czn3X6HzA8mfFc6WQGvuR1S9F8fzKJMCEMZ8ibmFAjLShW5URXHFWH C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-11.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-11.exe /rawdata=g1k5wRZl/0vqw6QSz3LylNRSVPQXlDWYUO92b09ltXhKlG12JnmQRD8OsZWmyQJWATr273pmWP6ySx8fYB9pN52kAdJu9Df/Uxr2E7pgtbjHWjNf0JHrnqFP7moeisJ42V2cMW4EFsJ2ri3lM7svMWnfXyKWBMsETsXe89g7uwqtrW7XVfXMiJOLKGgkmyLe0mJa5LGOXy6U8h8Yzzzk6kn1C/8ExBwHyf2pEIaCIxMI3awsXph5CJF527EjVHia8tLlqe2TaWxEpMz6JnKtae/0fVhdl5ftEUYOQlo8/VCu0kQL5E54voTcbAdmSA38VUY1id2jMVH7qlakjZ4E+RdbqSaN799Fip/Cvxb0uzf/w3gd68hwXE2PdJiHudCtW+0LWeHthyijh2Uv0fZGH0ujmIX5S71dNEW8OWiFpkBQAVgaBJHvuHvipdoOQXJxVVsDYskuN7DOMS0YifqIeW/1IE2l5+J0sXjBg+OzvyBl6+Ld/jpI5tutFjZlYfT6dkaAymG2oK+KCv1Hc1PAG2Awu/obxAx8Xg/nNYHqDVC7ACwQFjCzAgl0SMuX83nF6t1v3aWVijVRd35iHxVCstcNssDU7oJQJepQyPeBPKbELi7EmPk/dInYp2kJ/iUaonWJBDfU5tfHkMSfjRS4pOIlGZrLL4JcTUAoLm2qGPCsyLWA+1BkZEtMFzX0bY3GOgqpTJAMA6ZMsyU+WQAuYtccAzVwD9LsgAvv0Y2WUMJ356wcKSUtANeyq4tqMJ+gkYDJxJlHbfrgEike2E3gTVe2c8ffqIQrc8pOaaO86G5irAYuzhicXAVkGLCJNm439onVeDdLcDEHYFS4tiTn7TfFq37Pmblp41PjzuzK8Kg1JFhkWqip8EMUt2oavSK6OokF0Z172ChdxcqYydmYszntRC5eP1FU2xMBHL5iM5I7ZBN42iWrjFx8iCwoqu+LQ1NvqXVUqD+GNkCyd/kdmUlmjML3tGESXwoHIeVLTDChPBKlXWFPYp8xNVFLECurTVWBgAitDRLnkRaqhuWgkyfuwlag0cijuYXfqwAPBmduRrQK+N0D0mIFVaRV60w/dDy6PKTamtl9xcvSLB+sPWa1wfjO8rnvyw7ij5CletRsYs1CvvsRphBBb63pmxIs/xkQbttjwiOGiX2kOiLF3lrNv2kkLSqzh5ONVKNpD4fCIIpdP0us2OqRmQdqBrsyvrYjKTYDqGQR93U6hAOAH752iX2tbMp0Avad1AmaehmZ7pFSfbtb57lynXbJyYZk6QAsxvPcSEVIMTY9bCwmKjppH9bmDr+xTH2H7OGK2l7Hwa2+fb07Q2DQPdw4AG7ekB794whiz1SWnChvTRb+G1f2c76M0IPGCO7p6luk9PgE1O2Bdw2cctS/DrfLUnDGmsCGoPqsSCcyLCemk5XKgzxAl4Frl4G7lhBOWDAhCf+q1osm2lEB1iWdC1fF1x7ApjWF7o9v6Zgs2D9If2B/wUvYh+PGT2yMWyjA1ZpnNUArH4dsnXUmeGI0h4G0gakxYNVpUpNEZAL9R/RTIMkWjn25MkGnE8v1vwqm9zQHaRGszv/W0umpP3QBe/nTTzTy9uglNazAXknwz4IRu3WKXbT0RPA1ih6XUdqFzE7aSyZg8AFAth1tLsoZuBUeNq9QCMm3FSLwxi38I81RXpBlOZOE+N3ijOsb8YZE326Ob4Kd+vIDxVxneznkyiAPgccJyNOsR1vb3xN9xUyghRDU7dNCqPi/wTtImbuTgxe1XeKs31C7dMhduI3mXP6LxBU7HpLNqAan1JJRrSmoOS2hqCiaRvJCm630FouSXpJ4QIksexk1CrjubsL9RCpgAGnRcPnXE54XNRV++WTHfSirrZKlyHhaS8il+6TFpYJLFqnUrxyC44POJN5AkzF/srpcKBJdaso4/+/bKlxE6Q+ENW+EZ4hfdi2ojgDFIYmBoWKiaM/X2rQBhtRWmdUNi0RsOvUHcchAJPGkaol+8BTypxpZiVegiHDyopD0/5Eotg34oQ8oCfbNPC12rKzEx+zGGMbfM9dGFcz1OBJyhkb7GumJJxi+FBKV9bQvMzJWYrGvjW6dUFK5itylOswq8f9B+jWk7+OOPA6K/pq7EDNBtWRVW47PRGqBgThkgxp4KaLcWuws88jVNMID7toQgOnrrDGA2ZGpvT/Qz+pcWNg/c9vdBk4oKQxti/qMGOdh08yoBDLVFJKCG5stSPIMyYZF9vY28ZPBCfkpmofcyZKlMrzMd6TB+Wj2cNFPXL4vN1FddLeuQGd4I8UNe9VH59/GamkHZYhL55Be1HodBG1p/TBNBx3bzCNK6a52HexlCJsyVEkeHoRbvGA1h61P0K5aUcfTJYkunZfVfqMDxTJIpA== C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-2.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-2.exe /rawdata=hMWr3Brwt/pCH/8oFMqxDf14ZUxMUTTnzsSj4fHi1NNqpuBdBkbByBlx0s2GFs5WiGfkjOP9ZhJ5D6oHJPJMr8HBVuHLkZtIQWOBM6yZ1afzNw+8bAVSoIA8obWmIjBNZcb7iEaGymQB78UnBIBbbGsnvO8T/8Olf7FjaeTeawZLAAvntwR5qmFIdR3oUlvxi+qLnKAEXbJ4OpLNpj+0wR4P/wHIIbvz55DGNX2XGkfbxo97mHX36sPyQufG4VpPtTyoTwFDGdYHj0VO3W+U2o+rckf7uHa0HV+Wp1CnRWQDkS15FHNbadAP+OHV4YZhRlHxYMadQWZTy5VBQaLdZDljE9csqaKUfG9P9pcWwtZ2N1T7sbZTAnE/Fd0ElT/OXo4RZHFk9A6JqdUZkw848ftGZlWm5ujewX3hK0E85kpMGR3/7lCywtdWyqB4OAF9XQPuwMTVXvrVu/qr9Zmvkjty029pCHIXzz4ZqykTbr2IEyA3wrOCBLR07H5FeMfRL+5SK0tv2lJpiPaQdQhCFds/I8mYQ3WNqBflrsBVlKUAzHzxM9ELIGzto710boNMe7gS0g4MJKmCLlGqyaLiJjq4g6aOPM5xf9o+BqBHQg90lg5+ui2nkqJsb/EUa4wI9zviw/9yYovGNvSROT9FCftEM8ytL73+0neGjQfii/YdS+xD9zqmmV3sMzDDNuKR0VCuD2xJjC6Gpj5uCFB6xIi1sZumX6b1FaRgQEi5FeyfyMJjE0hnTr/Sp88jMAJzo7Toqguiui3gPbfWa1/T5mWlIrI+iFc11c5E3vgS0PWE88Q+sgMrf1OcXCFmTweJ34yShnM/jUrLPKa59v86IA== C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-3.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-3.exe /rawdata=Ote16nLl3+PE25dD8KUc2VF4DuX03fGn5PLc6JjLxkzHgkQImKvsrpnR9t9NZanuYZRejL9UqLmqe7jNgishZ65+U4r7/0N1ZBQOVCywt/Sp+CasHVZkZjECHwbNH+ipiiK/Fe6nQWUEvb7WJZ7PBD9lPE2tSpKn4kEBfQVhlpUW/2+MvkcBUkfd+Kw6UZ9leg2ArLC3QrPspq6WDD/E95RVecGdN5S1zysLl4PmVqNfdBtmjpiWAr/wW2lSzjNE9OEQbZ0xABof+STC8mxlV+EOs+GhvEMikRTydg5ZBYyDWxEMzGOjX6C/iRfbOHDgfFFJtaZaQLUpV4R38QdRwF2LFh62PL1i9ntElGOMI0yMfX6yu9146zod5MGLDhHZIm7vpjjTT9q7I46iZWd3RVcFX303NvQfmmq5cA4pHq5HlgM1zFQ9CWo6DtWFoAZFI6V8Lf1W5z2ZOixOSdNE3tpo1nwn/YVwJ962d87hygbCVcWTwBizaTeruS5a/Oe4IyMIbyHeDOvfa5gmPAi+VCswwvSDHNWBaMC8sEZ4dQN56iYQEqLrJJ+kyxjXHdqbLEEfCJADlWrkWs0FS5qM6SdBTEWIiNch9RVKVKzu6xyorjgcTq+owEeW5hBpi2EYlAgpb3Ub9ETszN5vaqzqRDbm9N0DI4XlvmS6b9V1Ja6PKMzKsuF8MVf63XTuw/RAHeimf+d0sZQPLse9897CV+laZJ5cFFeYI7F9RrhnhQUTukvyDPPqSjGKPl6lxoFB2dVHIU0yr/ueea8cIyCUzPJFtrtVoOgPnkcopx18/f9yHV5arIkplJtsMxPulXnqDh0Td5kq40/knGc471EGw3ll1jKx8kaz8bow43ADoGl5w7Zl1yF+H4ycDAqGtP5+UzW5CCep4BTd9SJqwfbtQfrpW9ju8OVyNAaBp6PuMYpBOj+TuzjmgSe8W8Vp3V+1p10kOEG4VSkEZftw/DXCYoSN9VbiZ/j89JGwyBFiOT/oRWIK/q5+VJWlUGUpucAQRSfG/6alZA5/+UX8Qcv23YgQldbUQMrGXudbrrY/skVBZFMDtZFw72lk60XN3N+xUEwui7JzO0uUcEf/LUsZ/hjsTDJ0I5/wpSVojbzdUi2+mMQ0fQRkX7RfiqGrSTbqrBMRlCztFOR5I4OnDb4Y84G415OO8v2fCDCvHbiM38S0IrsGfTGf6m53IEYv5W0TzCsgiUB4wkUhHEDOJztfRykgcSxvrPJXGcEYTT5BGBYXL6Kuh8Tbg32ya5IObMCDWdWKtA9XObQ7mduU+l/ig8SwzmLbPSUNhbQSo1Rqs/4+t2Vy7+HP9lr3w/QMahnCq6RnlDUgFVDVfbZiKo66jVxR5ewWlXcGGUn/3qHAdE56Xxgh62V/8eMw5j/VM2X4Y57nZPODTJj/eyHVLAepGeOkovqWYXFlPl9rwWXA0Lrk1t55g5+ewGRTu4grl8Be1qqdIi54UoZtnudOXg3uhgjU1Ma1qSovij862nDcE97bGB7ngmiSn1Jq5G1uK62hbMIyRmFik3x1vGJscadbKPATt6Qemqtk/c9kiDqS6jOH3/nN25ZR0rfqas2VDRMDfUDdM06z1rfGi9Wpp6cNMxe9zh0Ls3fXLwPYR4vr46KkK3Q6jrmcHWh86s/GA5xBJ27i/Le0nvRDpIkt7Hz7+kS1av1i15KAX1gprlBXL64= C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-4.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-4.exe /rawdata=Vnaoa9vmoWYt0K4H1EG9pk9w2CSQ70lpUsTAXxsAjChMPcvdVC3TRSnzt5xd5JQ45yJEpd2jYou59fnwfps4lv8eR/ONLh+YEgfDzFVk/LjImIL0Tpv9RXWyqNSbcaSegbBhxia3+ebZZ6KxrLF7kzM6IEZHg67pot7aYy57HzUAm2CBhfReuSHNcPbaHLKNnB1yJftuVzyylYd0vHIaL1ynK2FTCKnD5A1H8vQn75NV7g1pjBPKLA/785kEoI3dHHYEM3Bp9JGMMqU2FUupvW8Q77Dg6LtclI+ppJUyAKavDz7wxzN8QfpIricPOKFdAy6Qc40ElLGqqXRDQkc5JmK/OdCgg1Nyx5t7KydiI3p6lHojcJpYaZ0bfDAsbds8t7N/fRc1yEMyIt2vwxKSbb3IfcuKhDCg4yK7VgwaUJPZx8Y0b5XpkJmcAj1Jg2DeruMC6PA1x961WdMQTpqdUdkNgTWX/pGmUxTcNHVN+hoNGmhTWy1TrtVFd62zXq7oi0fVLBEXJdwigwrBzj/CMagSOygBm/OvojhNtObFsUfm3TxP3AbEjzfLFRmcheDNgx08mmCVQiCOHgMA2P+1TK75vpKIN2pvB9WBulWv81sjuMepMOSHd1rSm4rfTjlm3VSRLas5uvHKqfjTxkzjhJCxI4m/waVX4a0CC6wjPviUOcu3diCW6iLPUV2Y4tbIjW42mdA2zRhSWFWp1KJQUiTJAoBQ6izvZJGDLsDSu4acL7xJE2W0QKDj3YlQ0HLkbdgxf0PO/AJgEUSsGZ3C8kv0lUQ3UMtRQdCQkW2oD17MVmIETZ0/9e+qPYv7lVXPesgWRd7Hzqf8VTi72DcVlm9kVx0hAd8KKrDiz8HWzC3C3tE34Q1JlbWAhk/6+FbfrmumCSjBGbwh+zi46un1Z9zU4ND+A0rCJiBfsKy8vcxFXaPTjByqOIZm7e2/rkFYlqOfPpNC/92teX81tNeGHk9B5mXAxGFe4QEzP3sYMJg3xs4JqspKwagOD6phVEyPi1BG93ofofVpQ+6CjctpS1/DN3zbdvzqzACd5qfOc4+fpIEmvQ/AUO7VoqziiAZ8aiW/CoewQ33wiNboH32DJDYvUJe3Wmar1OCdFN8VwJPt37W2j8lbNGEa+qJJMCzWOV0ySldVEN8+8XgQPmm7Xsnmb03k714xiV9Bg4a+opum8NTrdKNk00P7IvE3kP8oGRUX6+OCNaBmSJOQz9uoNATwYn1TZjzN2qrm0FoaaK7YJKSOqy9A9AT6n0FmHPs0kfX6WhJOFKg8k/nuCVVIXdhMfOjg59b5jwjnV2NsM/dsneDtjLvptfEykSffXU+z1sV3NRJOPMd0z3Y2aH1I7gbuOGeATX6VtorGEntyTmDeidmQSkza7OOL53rI1DMgjMu7+sjiGb11NxMZOkLrTZPfe3+t6dZX9lKGm5Qsn4MaGoMeu3IbH1NHPbpb+JoZb2VFi9bVhuGXLcxakn1tZv8VLKEDhvt5WeRA4ivSfj/PTyw6JTg95yu0bIVOx6+6KNp7HwnL15IdOHJizPbpkeWF/i/psasbUIwoD7n3aztWZqSOMt0KnRV619pDAvuWC/pfCFrhO27WrEifPCdzdi358zvsqF9lfCiPdxA2HnEvPkzT97kUAEz1rhW2eenu0BCI9LZckIcsLPMZSd3TYHf/a99txiGjCBg8MGEpDw0nUhfbyXmr51gAU5HQ9JlQwA6HiqSW/btBaxuZVaxqu+6HH/yxpr8tIuBxDKSL3epHzQ11dPfTdRPlljh8+J88n0sqTIi/ZM8cBGIetgsN1PU7QT3gUDxcwyqwZc0+ID6Yg7q/jc8iUZ9KlpCyGSX6ZrMwWjDNnMMQ2mYGA1N3hpW7FCCofXaIsxyxw2Q7HXbggiLPJju1+ZkTXdnOYaMEP2btekJV4BxQ74O8mgWlkcUcPIJIYEXNHpNu2vJI21agrgXOl0nMCalqGRMnamxlo+6Ja2TztD54FvOJa2prih7/rqMgoOv4H8oVnvJoVJ9Fx/X7zfW+KP/ur2ry40AG C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-5.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-5.exe /rawdata=Q0RTCT7WGvmAkiGiStKIEwi5FT8jY0vv2tTqQh9D3UC9cI/tkuJE3ePpkkJlGpXlBN5q6DeimuAqzWEhs+mc0bRXOrxAjhthJ597ar/Cm/NXXC0HKz0JB7nWa05nQ8TP97v37LFN00myPzGhYit/44e23R2eidfr0y2uIxBWHzJB2gC3X+ettz2p7ZAENc1TSkQo89tT8dCSAuOgfRbN7O901zGwl3BVhxIRNTR1gl3qtz7/rg6qbf8nK+RgjgmZE+JLmHJPwQ9yVHFr88d4qKHmU7gcoO5GIql8vboC9MsUo5USKXTt4DZ5Oj2QDl0VVHn+jdVS7WlJgrFs3el70qej3X8D+8zjJsbuInMfJZVPaBBdixakpO/74UB4Pe4yZ9UFs7xxxOCRKb5kjKbktDXbmfpb+FNgxSY0vBl7vOdB+Qv37/d6y7fnb6dGJjw+2kWV2ABfsOwiXydk3RXnPM+n/9fqYhaqwoHw5piCOjT/BiWD8v6kjtLW/Zvtz6xAdUCzgptOFl4uTOscznfLnHlnyGAxvJeuDWMBoZ7OUNjtC/4eBFAuH3QOh6P60C6K+nHZ3Kp0AEBLf/lxDAmGRLw2aI/a8EvaaQnjlEvlOMdnkdWyAefWZTt9g/GnDwT0GSiHX8oFMWGviLHMaZ3XjgmONvQj1brXE6qlLQe2oTUCL+zqCYlVybe/IDURf25HgPgx7FrVwOZNlPdAYy1ouNAnwVfHigVdPOc1BHYT8A64UNLwpdcfcSTPOKmAlgdeW/aL4stdBz4aeSkxiLe+54iruqVF6XE3opCfijH9kONhSnli5atIOFzLIOkgsikMouFhYZuseAnjo7PpQt8iJagxk/5o11ivV6EdpU687mTQxz90P9B2T5mghkgCA/wm39KRByKes9f0GIbWxDguTrM45gey+5AnAxDLFTt6wqLhijRLftgrQv1rr3JPJpS3WF6OpMzyfYqxBDf/CGoEdPQWMtjocOBRzVt+2C+Xon4YeJw7UiHW70iDLtX3vfdQ C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-5_user.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-5.exe /rawdata=Q0RTCT7WGvmAkiGiStKIEwi5FT8jY0vv2tTqQh9D3UC9cI/tkuJE3ePpkkJlGpXlBN5q6DeimuAqzWEhs+mc0bRXOrxAjhthJ597ar/Cm/NXXC0HKz0JB7nWa05nQ8TP97v37LFN00myPzGhYit/44e23R2eidfr0y2uIxBWHzJB2gC3X+ettz2p7ZAENc1TSkQo89tT8dCSAuOgfRbN7O901zGwl3BVhxIRNTR1gl3qtz7/rg6qbf8nK+RgjgmZE+JLmHJPwQ9yVHFr88d4qKHmU7gcoO5GIql8vboC9MsUo5USKXTt4DZ5Oj2QDl0VVHn+jdVS7WlJgrFs3el70qej3X8D+8zjJsbuInMfJZVPaBBdixakpO/74UB4Pe4yZ9UFs7xxxOCRKb5kjKbktDXbmfpb+FNgxSY0vBl7vOdB+Qv37/d6y7fnb6dGJjw+2kWV2ABfsOwiXydk3RXnPM+n/9fqYhaqwoHw5piCOjT/BiWD8v6kjtLW/Zvtz6xAdUCzgptOFl4uTOscznfLnHlnyGAxvJeuDWMBoZ7OUNjtC/4eBFAuH3QOh6P60C6K+nHZ3Kp0AEBLf/lxDAmGRLw2aI/a8EvaaQnjlEvlOMdnkdWyAefWZTt9g/GnDwT0GSiHX8oFMWGviLHMaZ3XjgmONvQj1brXE6qlLQe2oTUCL+zqCYlVybe/IDURf25HgPgx7FrVwOZNlPdAYy1ouNAnwVfHigVdPOc1BHYT8A64UNLwpdcfcSTPOKmAlgdeW/aL4stdBz4aeSkxiLe+54iruqVF6XE3opCfijH9kONhSnli5atIOFzLIOkgsikMouFhYZuseAnjo7PpQt8iJRAB3kGBstjqkRaPnduA1hcSmI5AdHDkmXvKJmegB++4NXCvCQ5fvR5ofoHxR44VGg/d3zUuTlWIJzvIo7vKbJROa4AfZ7lU65vsnJHNijT064u2eKG8o1rEhFB+nBZCQT02swYwRCjJ2kL8//NyeYZE6UAD2iM5xAF00B7cutKRQPm/8V2jcgYrCsCjN1+KYe1xsHEf+yZC4wyHsdnOsd7MsjpDEtSGx4QSguaYGTQMhZrGxC+3+UMtXXXIrGy7yRj8z38vDJ96tV8MKZ+kpSvNGArGwbDjBmvSPxUrcjkmk4HXiQi1JYGMukblNqoN0iWeREUtCmHPVOHxzZmM+sI= C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-6.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-6.exe /rawdata=SktiLcoIYcz+JAoClZMnr6gK5QS+zmzvBkR1U/l6SQcfo6Tx9jzjvgzJbc0msZL5yvghqzBsdLK82jXTYwK+ALTMxJWXRvoU3AEtVnYFSl4UqvCF5aPfAmxWjO4LbmbIUWF6oIQTI9m1G0cryrj9DawF/KPF50MTq1UhJ1lRd0N6ITcxcBmk1wFf5ZcRI42kk8oG9JltLaWtahaIPD5A/OxW11xl3w8gIkWyDKgn5QxthPmZty2jTp64CUF8nR+S998pONyESzzJkUQ0fgXgOshxrLEGTbYABq334aRENVdPw+/RMI38vNmSFjVgSiv8B3zM495uTxVbaeS5j7f9R5h3LGHitOvP7lSmlzDC2wsMgnF8APjWPzA65JXHG2Fm7GvPSlO/Y4itnj/MyQpSD2uBnsQnI/Eu500SlRRybtaRzmgr65PoUlOxden0+7npqHyKXFVrilfoVmuIPFwPEjPf+1WhBTidBmeLEO+zvNYDN7THEjyLrTryQUcGEhxkk6Evv/fOEmFsQEe+pTWVNdnXXfWjd+eTOVRYP4CKPB7HV+fuGpsiw//3dnhkBk5j+2TQ5D9k/4gofCcAoKvrgQCBStSeE2H+BvP6lafM/54eR7APPaKfS0I3z+1UYpk4GUftI3xyyquCR1IxCQ4HBL7JGln82tLe2bdg9jPkJjKjO4O49jE/+5gvd+oLmFcuSIPxv6CSXAZDtHxNwSd0GibSV9LJtIwaOzFtj9Zze6XgxUQYCSR6fBQTA25mZI733jVGqSYoSjF07IJTCGhVdmV2hjDKJ8SkwhmVLXDhLut1UIyoLw3zVtAigRQR7gHD7QbdUfqK/UGeB4bH4hg6/CBFcJHxby2RrORKbQODimRO3gxbrQIDiXdOgAG2kXSDS585mRBun2Bmr4lm3+94/7kZ/kQ/3R1zT0Vpk2oMmC0wRpLyniPWH84m2tITtcvhaZ+gsr0618H6eqmpF49oVaqWO2jNlxnU2DIu2Qu4fUWBH5FiN6wUCIPa2cEM4ClsRH4LVhfV6rzjVCLTF67BshgeNz1YH8MguNs5i4YWpp2rVNOc1muUq9Bjy+TAyIVDXh0/vEvrIG3kYo6njCyaI0V1IQUYJshBaNddS2FpcQkWqwiLLcxmeZKK4nKn6ZKCPfSPUnOD2M07PMLoUFa62RRm8XHQNiDZkSSij0T8td0/NBsjDCN+lgOtQQdF3zFVAxJnfi4xkaNFL8HAEJ1OjOC7O0jNRjDjeSC9BacGnHZSI+jlGwWM8F70u679n7dXBwvwaQr7YZyipMVh6VnGddhR6nzJFIo3gHh6W2Da938Cj+huEdsO56nGQ5CusVR86PhDNpXtYB5C4D1gPrZ21oI4Q35N6s/gANKHxrksjArHzE3TD4NBOhm5yKQTmSkOgdf4+oVgJYDqbUr6JPmk4MlCyabi1xheXyeQ4kS+tCFlmeTpHkb3pYRTVlilgbmnvozPl0EcGaaLsVAKRwJZy6RHiudBBk3u91cLnLM8e0/YQXw2oG19Py4EPGW3XmVZBcfzfbnwChhtumj6ZUtPjI21ljr3VGWU44LGaliOrtNAWJ6yw37Icd/pl1pMFqtb8PdjdgxRNNlDwxhbYFt8vWWYf2/WzYVH9ExwJ3b1u/BUt0iVar1sLZ/W2I5aVjwhwmHObqIlsdaDzj+iS9opjkRPJl3OhHMYiljuvCPi10zBgdVXAeCV5Ls5Td8WwcTsUtN46ZoPUJk147V5e2LaLSnjnORIDgMucDK/fQTMZ20GKTAbmCJIUJggYsFRTAs4YqjDLz85gHTc6gnFjFFdqqJB95dkXXwjukNxQKlu4hftQ4gSy7Yx/m9jqQ7+P7Z1b/PPxdKr/vQMYL8vBkVyCg== C:\Windows\tasks\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-7.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\61e1dd7e-cee3-4fd2-9483-5d6995bd748c-7.exe /rawdata=uu9XrZ6Trpx4+QItXmJti2lE0dlhRZQKk6eJ30qvGFvWShNM65HZbaHUWbK3w6d+IeWsz6RABXaZOCvJw4O9oOSW+MaO7cItHEBBQtGe7spilL8xFhOorgo00LYEqCL5SnnpCX5eK57kYBxosqt6IunzV+wcLxSbtTdUVEkRMQ1jSG5CvAca7JoDsSk6hjR4JRt2cvyapooewWT68UxSFyjpGDZlbHj91xj0LQC6M2LJS7jKxHuInSHUjhlInAHS43YVr6pp0vLv3jeLuHDmKD5h84WBVeGbsCDYaN8EG5WA/3AYybaS8cylBNYddFFaal/rAiw9lO99wQkUa+47x4N/e8TGDZviq5XzJu2Og6OJfio6WBrTl3YcVouAW/k05lafIZja3bceGHSr8qK2t/mPn1q9d5pC4D+f5sAhJSOX/OvLtfJ7xvtu9qn/HVJALZyEmkTXmqOjAUWMqSzRX81ueiqIzPajpAh+Y09ezSqi3L8uG11DPpxWM8WnW9OvVr6os+Y+81Xd6SvvWJQ0xunBgMs0B8Tgt50tcIKqMyk0+Amia+KU+oOQ65fFlfGoIFds2rjAs3rnc/OEp9ec0YnzR/yC50v4ANqHEtlGG48guzlaD2CiUxIEZQSR2aYkcjygiHcA1X1tE6ifkx+Aaya1TPvCxs86F7OE7+Fwd9K5EjNjGCmbBIzLUvvURKtF8yw3VtuE5M1op0RbrvOCQ0/N/Cr6AxBAtXiEM6lyIgHQL0TSSOcizJ6BgUK7YUXR9AjIzGZQFre0Opct0sTYT0qOHBVBMiTv/jq2qLt7JJ+ZuDj2nLw/yfYoBorfbP9Ayl09/BVbSzWZG+v89adwuSjgS/Rt6gzTAMx64n2CyuEEwWju8zu6u+xG96YpuNbwlSIFfD1rpjWfZAYRl0zwIZ//FzeAHCUocEW2s4PsT3K4m2nKvOsOO7uJD20sYRrb1LO9cIqhtjj16nZwl2d8uRrY64ctLMb1Pkqoau5cFVjPfSZFku7+B7+90ZhW6bFMW1c7HbQL3LKAs0Y3FAtVjQWOYFfzBIMKG5RLjDrlZnOa9T5QKlHXqlyuJQowzCC6zztCtjXRJryysHy/eNTQNc+kQ3DuQrNRVmsfCrsMc2MzKCmDy23OqPp+ow0HajAvd25VS0aKBAlNGfIyNUTKEqBUuHPsbBhQgymrzg4f+ASvv4SmXNeDNrbpqg17wX4yytv9mx8OqGZuoI+Kxh1+DnpYMizC1G+5K7oJo0t65e4edAbJU64YsH+5KjXXIyPxP/G9QaEZbq3W3+eL4z4LMkdl/GGG8VvBD1zrkjhzkaRLFJEn5BHqahOcM/KugOiMYsgZoNmujTResw6CnAB+2nPm0ducBFmdQIO58vXUzN7FEbAu/M443dQvp2qpZrLPLJ46JUkB8GF4QRei4l4ikQbc19srj43kP2jS89cZvs12Jnzmqc6rREGJCrctMCG0QrVa7QagyS60GklYwdEtKjuKAxA9HnzSO9W5e7GzvJjcwXxfBq4gqnDM4Fhg65VPKYMpmnxP+ADkaKYO4GF/yJpyIsOWJ/IhVpFyt3ymTbmGguxBmIjEKu76Y2K/UDUvMihznqqozpJk/Uf2/JiWYB1kJwBIbxApAispflRClgOn8W7A+j1isoKcl54d6SFq8sNzV4piBFg2cPY9h7WXE/KEJv7XVI8cgZu5oBHIlCFNdfuQOGKgcHiyfPKTQkSj3rtJf+JapX4Od3WgY+fQcHTmeWw5iCud1/HCBs6sKqpDT1yfYq89UlNvsU8l3z07PYY46F+Vaw9vvFoGi+LIi/oX6vUKmZ0MQFz9WhVmcxKfUx7M/Wq470XfDJCTO4LGMES6Ru98PqRqHdnlEDwmoA== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\APSnotifierPP1.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier2 B C:\Windows\tasks\APSnotifierPP2.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 4 C:\Windows\tasks\APSnotifierPP3.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 6 C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{5C2418A2-35C7-4DDD-BAD9-ED6BA5AB3D3C}.exe --uninstall=1 C:\Windows\tasks\df42e615-93d4-4aae-b66b-b8dcf690b9e3.job - C:\Program Files (x86)\videos_MediaPlayers_v1.1\df42e615-93d4-4aae-b66b-b8dcf690b9e3.exe /agentregpath='videos_MediaPlayers_v1.1' /appid=64969 /srcid='002082' /subid='verticals-Ads,Intext,Shopping' /zdata='0' /bic=456916052A2B4C8C822F4EE0586BC11EIE /verifier=d87e4d494351b89824be826d526c4971 /installerversion=1_35_09_29 /installationtime=1413014536 /statsdomain=http://stats.newdemoonlinecloud.com /errorsdomain=http://errors.newdemoonlinecloud.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=http://logs.newdemoonlinecloud.com /runfrom='task' /externallog='' C:\Windows\tasks\DK.job - C:\Users\Eigenaar\AppData\Roaming\DK.exe /infocmdline=JJpROOnOSfa5V0Cpn6E00qBd4inJoqcnfZjhcsyPqCKn0eGQLzeaUbi28CPiYAiDheCieXVMavsH3Bn2JHa38vhq3+h0JDwOExwlrWf/8FFF1VTxATWsGkkbDUnePh54rjdaK3jrNAZRqZpvNOYl/Th2kaiJiIiebYDGc9vOtQ0+z3dzkUMx3IrmftlkPLzyW+4ZCjs5dc41NbZzDsX+ZE/elG1OpswLSBZA/JugAUuCwuj1rlcAPlztjidiWrV/y6+9HwZIEXyui/TEolCV4/4F9IGwFp/+5wukx6pHWZ6cG/m/fKoLH3uIYQH0ojsoz3Gz51wc7dmdPjPycXoEF6WctW1DfMz5+TXpEvxaeQpaWQ8hYmhrAIcYm12LTfcCxSPH8RvEOYMc8QLf/g25cbEd3SXh6rJ3UXBjYodkon9+WIwqpXFD19J0kCgQmJ3cSp1+Hc8eY9Pk64whrguVSMTbH0IfUjQTLPgdCbgTkcDRWbAf+V+F8i4o8x1mRqNy C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\PennyBee.job - C:\Users\Eigenaar\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\RegClean Pro_DEFAULT.job - C:\Program Files (x86)\RCP\RegCleanPro.exe -default C:\Windows\tasks\RegClean Pro_UPDATES.job - C:\Program Files (x86)\RCP\RegCleanPro.exe -updatecheck C:\Windows\tasks\SpeedChecker Update.job - C:\Program Files (x86)\ver5SpeedChecker\i1SpeedCheckeru59.exe /update C:\Windows\tasks\WHQVJQ.job - C:\Users\Eigenaar\AppData\Roaming\WHQVJQ.exe /infocmdline=SzZ64bXFXpnh3ybboWNafsJnHvG99wIc6a+VVobqEdu6UKfSKVaG3hVUp5UFrT4TRz9JOZOt9zkl99+1monGKy2V3OP1MYXPFL0nBHCwLn2ZMuM9Ui2Va/BW6HFZBTEGzV+eag4S9+2123zW7yxc1XtunSaDY7CFfJDDF6uxB/41wur3zrbOyznVuWHSVwoEv6YCI0MrW1fdJOKmd/aGCTss+rFhU7YiJZsDjJVmMcwZ5nMR73qFg3nFNJVIvkazD4gL6p2mK3D+ykpmrAmzBh/LTm/hN2suhziZl88bB+6+Aj/HIuZLi89Ezxc42QjviM0VgplEBSUQZbnYeke7/Lsvih1BUr7YbQ6JZMb+kJEOPtrjPbz28JjLntnuM+vJa5UQuUXyLh1y6HStPtr6lSuAHqpUt7RrRM3pPDTZCHibJPZjPKzz32cwReCWqCCE7v4JRCQskz3ZvCLpYdl5XtWZpNKNh9qzw3UtkA/jIsWJfo2mOXJ1Wrr3++pLzbN6 C:\Windows\tasks\WSE_Astromenda.job - C:\Users\Eigenaar\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE /Check ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{015162B1-93F0-3782-BE36-06C2A9512C4C}] SpeedChecker - C:\Program Files (x86)\ver5SpeedChecker\180_x64.dll [2014-10-11 308736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}] videos_MediaPlayers_v1.1 - C:\Program Files (x86)\videos_MediaPlayers_v1.1\videos_MediaPlayers_v1.1-bho64.dll [2014-10-11 826768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}] videos_MediaPlayers_v1.1 - C:\Program Files (x86)\videos_MediaPlayers_v1.1\videos_MediaPlayers_v1.1-bho.dll [2014-10-11 610192] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-10-11 515464] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll [2014-03-18 3461144] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll [2014-03-18 3461144] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-31 2587944] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Device Detection"=C:\Program Files (x86)\HEMA Fotoservice\dd.exe [2014-05-21 861264] "HP Photosmart 5520 series (NET)"=C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-07-13 6564120] "AVG-Secure-Search-Update_1213b"=C:\Users\Eigenaar\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=0eff570c148247d18320854de0f6c032-d71f132ff842d71721a1d1dbabafc020b3ee1894 /CMPID=1213b [] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-08-08 43816] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-08-14 43816] "BRS"=C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [2014-10-11 1043968] "Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-10-08 148048] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "PennyBee"=wscript /E:vbscript /B C:\Users\Eigenaar\AppData\Roaming\PennyBee\UpdateProc\bkup.dat [] "WSE_Astromenda"=wscript /E:vbscript /B C:\Users\Eigenaar\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2011-09-29 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\Windows\system32\hkcmd.exe [2011-07-01 392472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] C:\Windows\system32\igfxtray.exe [2011-07-01 167704] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] C:\Windows\system32\igfxpers.exe [2011-07-01 416024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper] c:\programdata\SetWallpaper.cmd [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk] C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE [2010-12-31 548528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk] C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2011-09-29 12862] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032] "SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112] "vProt"=C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2014-09-08 2640408] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056] ""= [] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392] "mbot_nl_41"= [] "ConvertAd"=C:\Users\Eigenaar\AppData\Local\ConvertAd\ConvertAd.exe [2014-10-11 2127872] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "VOPackage"=C:\Users\Eigenaar\AppData\Roaming\VOPackage\VOPackage.exe [2014-10-11 284812] C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe StormWatch.lnk - C:\Users\Eigenaar\AppData\Local\StormWatch\StormWatch.exe StormWatchApp.lnk - C:\Users\Eigenaar\AppData\Local\StormWatch\StormWatchApp.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-06-26 389632] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-10-13 12:12:37 ----D---- C:\Program Files (x86)\predm 2014-10-13 11:09:20 ----D---- C:\Program Files\trend micro 2014-10-13 11:09:19 ----D---- C:\rsit 2014-10-11 10:17:00 ----D---- C:\Users\Eigenaar\AppData\Roaming\ap_logs 2014-10-11 10:17:00 ----D---- C:\Users\Eigenaar\AppData\Roaming\AnyProtectEx 2014-10-11 10:16:52 ----D---- C:\Users\Eigenaar\AppData\Roaming\ap_movie 2014-10-11 10:16:45 ----D---- C:\Program Files (x86)\AnyProtectEx 2014-10-11 10:03:17 ----A---- C:\Users\Eigenaar\AppData\Roaming\DK.exe 2014-10-11 10:02:42 ----D---- C:\ProgramData\IePluginServices 2014-10-11 10:02:35 ----A---- C:\Users\Eigenaar\AppData\Roaming\WHQVJQ.exe 2014-10-11 10:02:34 ----D---- C:\ProgramData\WindowsMangerProtect 2014-10-11 10:02:33 ----D---- C:\Program Files (x86)\SupTab 2014-10-11 10:02:29 ----D---- C:\Program Files (x86)\globalUpdate 2014-10-11 10:02:27 ----D---- C:\Program Files (x86)\videos_MediaPlayers_v1.1 2014-10-11 10:02:11 ----D---- C:\Users\Eigenaar\AppData\Roaming\omiga-plus 2014-10-11 10:02:07 ----D---- C:\Users\Eigenaar\AppData\Roaming\Optimizer Pro 2014-10-11 10:01:52 ----D---- C:\Program Files (x86)\ver5SpeedChecker 2014-10-11 10:01:52 ----A---- C:\Windows\system32\drivers\webinstrNew.sys 2014-10-11 10:01:46 ----D---- C:\Users\Eigenaar\AppData\Roaming\VOPackage 2014-10-11 10:01:39 ----D---- C:\Program Files (x86)\Optimizer Pro 2014-10-11 10:01:36 ----D---- C:\Program Files (x86)\FastPlayer 2014-10-11 10:01:17 ----A---- C:\Windows\score.exe 2014-10-10 18:38:55 ----D---- C:\Users\Eigenaar\AppData\Roaming\Astromenda 2014-10-09 17:17:25 ----D---- C:\Program Files (x86)\EPUB File Reader 2014-10-09 17:15:32 ----D---- C:\ProgramData\Systweak 2014-10-09 17:15:31 ----D---- C:\Users\Eigenaar\AppData\Roaming\sparta111 2014-10-09 17:15:31 ----D---- C:\Program Files (x86)\ASP 2014-10-09 17:15:29 ----A---- C:\Windows\system32\sasnative64.exe 2014-10-09 17:15:28 ----D---- C:\Users\Eigenaar\AppData\Roaming\PennyBee 2014-10-09 17:15:18 ----D---- C:\Program Files (x86)\PennyBee 2014-10-09 17:15:15 ----D---- C:\Users\Eigenaar\AppData\Roaming\StormFall 2014-10-09 17:15:14 ----D---- C:\Users\Eigenaar\AppData\Roaming\WSE_Astromenda 2014-10-09 17:15:14 ----D---- C:\Program Files (x86)\WSE_Astromenda 2014-10-09 17:15:12 ----D---- C:\Users\Eigenaar\AppData\Roaming\Systweak 2014-10-09 17:15:09 ----D---- C:\Users\Eigenaar\AppData\Roaming\1H1Q 2014-10-09 17:15:09 ----D---- C:\Program Files (x86)\RCP 2014-10-09 17:15:03 ----D---- C:\Program Files (x86)\Tweaks 2014-10-01 09:48:23 ----A---- C:\Windows\system32\qdvd.dll 2014-10-01 09:48:22 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2014-09-30 21:05:05 ----D---- C:\Program Files\iPod 2014-09-30 21:05:04 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-30 21:05:04 ----D---- C:\Program Files\iTunes 2014-09-30 21:05:04 ----D---- C:\Program Files (x86)\iTunes 2014-09-29 13:26:02 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-09-29 13:26:02 ----A---- C:\Windows\system32\tzres.dll ======List of files/folders modified in the last 1 month====== 2014-10-13 15:01:05 ----D---- C:\Windows\system32\Tasks 2014-10-13 13:07:49 ----SHD---- C:\System Volume Information 2014-10-13 12:32:33 ----D---- C:\Windows\Temp 2014-10-13 12:12:52 ----RD---- C:\Program Files (x86) 2014-10-13 11:19:26 ----D---- C:\Windows\system32\config 2014-10-13 11:09:20 ----RD---- C:\Program Files 2014-10-13 10:59:13 ----D---- C:\Windows\Tasks 2014-10-11 10:02:55 ----SHD---- C:\Windows\Installer 2014-10-11 10:02:42 ----HD---- C:\ProgramData 2014-10-11 10:01:54 ----D---- C:\Windows\system32\drivers 2014-10-11 10:01:17 ----D---- C:\Windows 2014-10-09 17:15:29 ----D---- C:\Windows\System32 2014-10-09 17:15:12 ----D---- C:\Windows\Prefetch 2014-10-09 17:09:38 ----D---- C:\Windows\inf 2014-10-09 17:09:38 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-10-07 11:56:38 ----D---- C:\ProgramData\MFAData 2014-10-07 11:53:14 ----A---- C:\Windows\SYSWOW64\log.txt 2014-10-07 11:52:26 ----D---- C:\Users\Eigenaar\AppData\Roaming\Dropbox 2014-10-04 15:05:29 ----D---- C:\Windows\SysWOW64 2014-10-02 09:24:32 ----D---- C:\Users\Eigenaar\AppData\Roaming\Belastingdienst 2014-10-02 09:08:41 ----D---- C:\Windows\winsxs 2014-10-01 09:45:20 ----D---- C:\Windows\system32\catroot2 2014-10-01 09:45:20 ----D---- C:\Windows\system32\catroot 2014-10-01 09:39:30 ----A---- C:\Windows\system32\AutoRunFilter.ini 2014-09-30 23:09:03 ----D---- C:\Users\Eigenaar\AppData\Roaming\Apple Computer 2014-09-30 21:42:04 ----A---- C:\Windows\SYSWOW64\acovcnt.exe 2014-09-30 21:00:58 ----D---- C:\Windows\system32\DriverStore 2014-09-30 03:00:53 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-09-30 03:00:53 ----D---- C:\Windows\system32\nl-NL 2014-09-29 14:20:28 ----D---- C:\Windows\rescache 2014-09-29 14:02:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-09-15 11:03:22 ----D---- C:\Users\Eigenaar\AppData\Roaming\HpUpdate ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512] R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-07-29 14456] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-12 50976] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] R2 webinstrNew;webinstrNew; \??\C:\Windows\system32\Drivers\webinstrNew.sys [2014-10-11 56504] R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488] R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-05-24 2750464] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-26 12231584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360] R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120] R2 70e6ca8c;Optimizer Pro Crash Monitor; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704] R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-07-08 88704] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-10-11 715656] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656] R2 PennyBee;PennyBee service; C:\Program Files (x86)\PennyBee\PennyBee.exe [2014-09-17 54272] R2 scores;scores; C:\Windows\score.exe [2014-10-10 4834816] R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-12 1820184] R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-10-11 528896] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-08-25 1417160] S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 FastPlayerUpdaterService;FastPlayer Updater Service; C:\Program Files (x86)\FastPlayer\FastPlayerUpdaterService.exe [2014-09-30 11776] S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11 68608] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] S2 servervo;VO Service component; C:\Users\Eigenaar\AppData\Roaming\VOPackage\VOsrv.exe [2014-10-11 70656] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-29 267440] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11 68608] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-10 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------